Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/poppler@0.26.5-2%2Bdeb8u1~bpo70%2B1
Typedeb
Namespacedebian
Namepoppler
Version0.26.5-2+deb8u1~bpo70+1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version26.01.0-4
Latest_non_vulnerable_version26.01.0-4
Affected_by_vulnerabilities
0
url VCID-161f-sfg7-8bhf
vulnerability_id VCID-161f-sfg7-8bhf
summary In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20662.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20662.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-20662
reference_id
reference_type
scores
0
value 0.0059
scoring_system epss
scoring_elements 0.69574
published_at 2026-06-04T12:55:00Z
1
value 0.0059
scoring_system epss
scoring_elements 0.69614
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-20662
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20662
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20662
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1665273
reference_id 1665273
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1665273
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918158
reference_id 918158
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=918158
6
reference_url https://access.redhat.com/errata/RHSA-2019:2022
reference_id RHSA-2019:2022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2022
7
reference_url https://access.redhat.com/errata/RHSA-2019:2713
reference_id RHSA-2019:2713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2713
8
reference_url https://usn.ubuntu.com/4042-1/
reference_id USN-4042-1
reference_type
scores
url https://usn.ubuntu.com/4042-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2018-20662
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-161f-sfg7-8bhf
1
url VCID-1dky-1wb2-huaa
vulnerability_id VCID-1dky-1wb2-huaa
summary In Poppler 0.59.0, memory corruption occurs in a call to Object::streamGetChar in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opShowText, and Gfx::doShowText calls (aka a Gfx.cc infinite loop).
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14519.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14519.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-14519
reference_id
reference_type
scores
0
value 0.00123
scoring_system epss
scoring_elements 0.30985
published_at 2026-06-04T12:55:00Z
1
value 0.00123
scoring_system epss
scoring_elements 0.31051
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-14519
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1499165
reference_id 1499165
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1499165
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876086
reference_id 876086
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876086
18
reference_url https://usn.ubuntu.com/3433-1/
reference_id USN-3433-1
reference_type
scores
url https://usn.ubuntu.com/3433-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-7ukn-38hy-dffs
19
vulnerability VCID-81rk-djd7-wkau
20
vulnerability VCID-9gtz-2mce-kuf6
21
vulnerability VCID-a3vs-h3s5-zbdw
22
vulnerability VCID-afbw-asht-7bbq
23
vulnerability VCID-aqh3-9esc-jqg7
24
vulnerability VCID-arjj-gn1s-yue1
25
vulnerability VCID-ax7h-qsmd-hyc9
26
vulnerability VCID-btq8-dzuk-4yfk
27
vulnerability VCID-bytg-r7hs-gyeg
28
vulnerability VCID-c2n4-uugz-wfac
29
vulnerability VCID-dwg9-w58z-ufh4
30
vulnerability VCID-e144-8aet-7kbn
31
vulnerability VCID-ezcv-cbva-kkbe
32
vulnerability VCID-fmqa-fers-5ydf
33
vulnerability VCID-fnfu-a29f-ryeg
34
vulnerability VCID-gg77-12mg-k7d2
35
vulnerability VCID-h257-3sze-qqbu
36
vulnerability VCID-hs9d-5q1m-97gk
37
vulnerability VCID-jvqj-5f2g-u7d7
38
vulnerability VCID-mzzq-s6gj-k3hw
39
vulnerability VCID-ndst-6nx1-1qcp
40
vulnerability VCID-nmgp-gqkw-xkd1
41
vulnerability VCID-nzk9-p4dt-wfg6
42
vulnerability VCID-p76p-4a8h-cffj
43
vulnerability VCID-p82j-3rgh-tqgf
44
vulnerability VCID-q9zx-mkrf-k3bh
45
vulnerability VCID-qvy8-nuu4-ufc5
46
vulnerability VCID-qxhg-65zp-ufe2
47
vulnerability VCID-re3v-ymkc-53bt
48
vulnerability VCID-s2q8-deht-k3af
49
vulnerability VCID-snd9-bt5h-6ycw
50
vulnerability VCID-spyc-te21-j3dk
51
vulnerability VCID-syex-x1gz-3yhj
52
vulnerability VCID-tusm-masj-pyag
53
vulnerability VCID-uvcz-5mb9-syeq
54
vulnerability VCID-v2g6-bhw9-z3am
55
vulnerability VCID-v9g2-msy2-gbhc
56
vulnerability VCID-wgrw-vedu-j7gv
57
vulnerability VCID-xbpw-d63u-vyc1
58
vulnerability VCID-xsp3-9g35-m7b5
59
vulnerability VCID-y1fm-k61h-27hz
60
vulnerability VCID-yhxt-1rx2-cbc1
61
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4
1
url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-81rk-djd7-wkau
19
vulnerability VCID-9gtz-2mce-kuf6
20
vulnerability VCID-a3vs-h3s5-zbdw
21
vulnerability VCID-afbw-asht-7bbq
22
vulnerability VCID-aqh3-9esc-jqg7
23
vulnerability VCID-arjj-gn1s-yue1
24
vulnerability VCID-ax7h-qsmd-hyc9
25
vulnerability VCID-btq8-dzuk-4yfk
26
vulnerability VCID-bytg-r7hs-gyeg
27
vulnerability VCID-c2n4-uugz-wfac
28
vulnerability VCID-dwg9-w58z-ufh4
29
vulnerability VCID-ezcv-cbva-kkbe
30
vulnerability VCID-fmqa-fers-5ydf
31
vulnerability VCID-fnfu-a29f-ryeg
32
vulnerability VCID-gg77-12mg-k7d2
33
vulnerability VCID-h257-3sze-qqbu
34
vulnerability VCID-hs9d-5q1m-97gk
35
vulnerability VCID-jvqj-5f2g-u7d7
36
vulnerability VCID-mzzq-s6gj-k3hw
37
vulnerability VCID-ndst-6nx1-1qcp
38
vulnerability VCID-nmgp-gqkw-xkd1
39
vulnerability VCID-nzk9-p4dt-wfg6
40
vulnerability VCID-p76p-4a8h-cffj
41
vulnerability VCID-p82j-3rgh-tqgf
42
vulnerability VCID-q9zx-mkrf-k3bh
43
vulnerability VCID-qvy8-nuu4-ufc5
44
vulnerability VCID-qxhg-65zp-ufe2
45
vulnerability VCID-s2q8-deht-k3af
46
vulnerability VCID-snd9-bt5h-6ycw
47
vulnerability VCID-spyc-te21-j3dk
48
vulnerability VCID-syex-x1gz-3yhj
49
vulnerability VCID-tusm-masj-pyag
50
vulnerability VCID-uvcz-5mb9-syeq
51
vulnerability VCID-v2g6-bhw9-z3am
52
vulnerability VCID-v9g2-msy2-gbhc
53
vulnerability VCID-wgrw-vedu-j7gv
54
vulnerability VCID-xbpw-d63u-vyc1
55
vulnerability VCID-y1fm-k61h-27hz
56
vulnerability VCID-yhxt-1rx2-cbc1
57
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2
2
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2017-14519
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1dky-1wb2-huaa
2
url VCID-1vfp-wqj8-pqh3
vulnerability_id VCID-1vfp-wqj8-pqh3
summary A heap-based buffer underwrite exists in ImageStream::getLine() located at Stream.cc in Poppler 0.74.0 that can (for example) be triggered by sending a crafted PDF file to the pdfimages binary. It allows an attacker to cause Denial of Service (Segmentation fault) or possibly have unspecified other impact.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9200.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9200.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9200
reference_id
reference_type
scores
0
value 0.03439
scoring_system epss
scoring_elements 0.87706
published_at 2026-06-04T12:55:00Z
1
value 0.03439
scoring_system epss
scoring_elements 0.87727
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9200
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9200
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9200
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1683632
reference_id 1683632
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1683632
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923414
reference_id 923414
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=923414
6
reference_url https://access.redhat.com/errata/RHSA-2019:2022
reference_id RHSA-2019:2022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2022
7
reference_url https://access.redhat.com/errata/RHSA-2019:2713
reference_id RHSA-2019:2713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2713
8
reference_url https://usn.ubuntu.com/3905-1/
reference_id USN-3905-1
reference_type
scores
url https://usn.ubuntu.com/3905-1/
9
reference_url https://usn.ubuntu.com/4042-1/
reference_id USN-4042-1
reference_type
scores
url https://usn.ubuntu.com/4042-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2019-9200
risk_score 2.9
exploitability 0.5
weighted_severity 5.7
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1vfp-wqj8-pqh3
3
url VCID-2dsa-qkvf-h3fw
vulnerability_id VCID-2dsa-qkvf-h3fw
summary In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Content::Content in Annot.cc via a crafted PDF document.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14926.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14926.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-14926
reference_id
reference_type
scores
0
value 0.00173
scoring_system epss
scoring_elements 0.38397
published_at 2026-06-04T12:55:00Z
1
value 0.00173
scoring_system epss
scoring_elements 0.38485
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-14926
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14926
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14926
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:C
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1500323
reference_id 1500323
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1500323
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877239
reference_id 877239
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877239
6
reference_url https://usn.ubuntu.com/3440-1/
reference_id USN-3440-1
reference_type
scores
url https://usn.ubuntu.com/3440-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2017-14926
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2dsa-qkvf-h3fw
4
url VCID-2xrd-q3wc-kfhj
vulnerability_id VCID-2xrd-q3wc-kfhj
summary poppler: Out-of-Bounds Read in Poppler
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32365.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-32365.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2025-32365
reference_id
reference_type
scores
0
value 0.00065
scoring_system epss
scoring_elements 0.20487
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2025-32365
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32365
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-32365
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102191
reference_id 1102191
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1102191
5
reference_url https://gitlab.freedesktop.org/poppler/poppler/-/issues/1577
reference_id 1577
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T14:43:55Z/
url https://gitlab.freedesktop.org/poppler/poppler/-/issues/1577
6
reference_url https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1792
reference_id 1792
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T14:43:55Z/
url https://gitlab.freedesktop.org/poppler/poppler/-/merge_requests/1792
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2357656
reference_id 2357656
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2357656
8
reference_url https://access.redhat.com/errata/RHSA-2026:0126
reference_id RHSA-2026:0126
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0126
9
reference_url https://access.redhat.com/errata/RHSA-2026:0128
reference_id RHSA-2026:0128
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0128
10
reference_url https://access.redhat.com/errata/RHSA-2026:0130
reference_id RHSA-2026:0130
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0130
11
reference_url https://access.redhat.com/errata/RHSA-2026:0772
reference_id RHSA-2026:0772
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0772
12
reference_url https://access.redhat.com/errata/RHSA-2026:0773
reference_id RHSA-2026:0773
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0773
13
reference_url https://access.redhat.com/errata/RHSA-2026:0774
reference_id RHSA-2026:0774
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0774
14
reference_url https://access.redhat.com/errata/RHSA-2026:0795
reference_id RHSA-2026:0795
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0795
15
reference_url https://access.redhat.com/errata/RHSA-2026:0796
reference_id RHSA-2026:0796
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0796
16
reference_url https://access.redhat.com/errata/RHSA-2026:0797
reference_id RHSA-2026:0797
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0797
17
reference_url https://access.redhat.com/errata/RHSA-2026:0799
reference_id RHSA-2026:0799
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:0799
18
reference_url https://access.redhat.com/errata/RHSA-2026:1090
reference_id RHSA-2026:1090
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1090
19
reference_url https://access.redhat.com/errata/RHSA-2026:1091
reference_id RHSA-2026:1091
reference_type
scores
url https://access.redhat.com/errata/RHSA-2026:1091
20
reference_url https://usn.ubuntu.com/7426-1/
reference_id USN-7426-1
reference_type
scores
url https://usn.ubuntu.com/7426-1/
21
reference_url https://usn.ubuntu.com/7426-2/
reference_id USN-7426-2
reference_type
scores
url https://usn.ubuntu.com/7426-2/
fixed_packages
0
url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1
purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25s4-qujz-8kcf
1
vulnerability VCID-4n4u-c4u9-kkep
2
vulnerability VCID-4y9q-jfwk-5bde
3
vulnerability VCID-arhw-n285-r3dv
4
vulnerability VCID-e3pp-vnez-rude
5
vulnerability VCID-r2f4-bgaw-t7gu
6
vulnerability VCID-sw3e-49nw-w7fv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1
aliases CVE-2025-32365
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2xrd-q3wc-kfhj
5
url VCID-4hjh-cqg4-wqdk
vulnerability_id VCID-4hjh-cqg4-wqdk
summary The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18267.json
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-18267.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-18267
reference_id
reference_type
scores
0
value 0.00274
scoring_system epss
scoring_elements 0.51066
published_at 2026-06-04T12:55:00Z
1
value 0.00274
scoring_system epss
scoring_elements 0.51128
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-18267
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18267
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18267
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1578777
reference_id 1578777
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1578777
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898357
reference_id 898357
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=898357
6
reference_url https://access.redhat.com/errata/RHSA-2018:3140
reference_id RHSA-2018:3140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3140
7
reference_url https://usn.ubuntu.com/3647-1/
reference_id USN-3647-1
reference_type
scores
url https://usn.ubuntu.com/3647-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2017-18267
risk_score 2.3
exploitability 0.5
weighted_severity 4.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4hjh-cqg4-wqdk
6
url VCID-4msq-ukzj-d7ds
vulnerability_id VCID-4msq-ukzj-d7ds
summary poppler since version 0.17.3 has been vulnerable to NULL pointer dereference in pdfunite triggered by specially crafted documents.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7511.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7511.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7511
reference_id
reference_type
scores
0
value 0.00218
scoring_system epss
scoring_elements 0.44339
published_at 2026-06-04T12:55:00Z
1
value 0.00218
scoring_system epss
scoring_elements 0.44408
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7511
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7511
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7511
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:N/I:N/A:P
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1456827
reference_id 1456827
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1456827
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863759
reference_id 863759
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863759
6
reference_url https://security.gentoo.org/glsa/201801-17
reference_id GLSA-201801-17
reference_type
scores
url https://security.gentoo.org/glsa/201801-17
7
reference_url https://usn.ubuntu.com/3350-1/
reference_id USN-3350-1
reference_type
scores
url https://usn.ubuntu.com/3350-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2017-7511
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4msq-ukzj-d7ds
7
url VCID-4mt9-s54t-uub2
vulnerability_id VCID-4mt9-s54t-uub2
summary The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability because a data structure is not initialized, which allows an attacker to launch a denial of service attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14975.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14975.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-14975
reference_id
reference_type
scores
0
value 0.01097
scoring_system epss
scoring_elements 0.78346
published_at 2026-06-04T12:55:00Z
1
value 0.01097
scoring_system epss
scoring_elements 0.78372
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-14975
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1500343
reference_id 1500343
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1500343
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877957
reference_id 877957
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877957
18
reference_url https://security.gentoo.org/glsa/201804-03
reference_id GLSA-201804-03
reference_type
scores
url https://security.gentoo.org/glsa/201804-03
19
reference_url https://usn.ubuntu.com/3440-1/
reference_id USN-3440-1
reference_type
scores
url https://usn.ubuntu.com/3440-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-7ukn-38hy-dffs
19
vulnerability VCID-81rk-djd7-wkau
20
vulnerability VCID-9gtz-2mce-kuf6
21
vulnerability VCID-a3vs-h3s5-zbdw
22
vulnerability VCID-afbw-asht-7bbq
23
vulnerability VCID-aqh3-9esc-jqg7
24
vulnerability VCID-arjj-gn1s-yue1
25
vulnerability VCID-ax7h-qsmd-hyc9
26
vulnerability VCID-btq8-dzuk-4yfk
27
vulnerability VCID-bytg-r7hs-gyeg
28
vulnerability VCID-c2n4-uugz-wfac
29
vulnerability VCID-dwg9-w58z-ufh4
30
vulnerability VCID-e144-8aet-7kbn
31
vulnerability VCID-ezcv-cbva-kkbe
32
vulnerability VCID-fmqa-fers-5ydf
33
vulnerability VCID-fnfu-a29f-ryeg
34
vulnerability VCID-gg77-12mg-k7d2
35
vulnerability VCID-h257-3sze-qqbu
36
vulnerability VCID-hs9d-5q1m-97gk
37
vulnerability VCID-jvqj-5f2g-u7d7
38
vulnerability VCID-mzzq-s6gj-k3hw
39
vulnerability VCID-ndst-6nx1-1qcp
40
vulnerability VCID-nmgp-gqkw-xkd1
41
vulnerability VCID-nzk9-p4dt-wfg6
42
vulnerability VCID-p76p-4a8h-cffj
43
vulnerability VCID-p82j-3rgh-tqgf
44
vulnerability VCID-q9zx-mkrf-k3bh
45
vulnerability VCID-qvy8-nuu4-ufc5
46
vulnerability VCID-qxhg-65zp-ufe2
47
vulnerability VCID-re3v-ymkc-53bt
48
vulnerability VCID-s2q8-deht-k3af
49
vulnerability VCID-snd9-bt5h-6ycw
50
vulnerability VCID-spyc-te21-j3dk
51
vulnerability VCID-syex-x1gz-3yhj
52
vulnerability VCID-tusm-masj-pyag
53
vulnerability VCID-uvcz-5mb9-syeq
54
vulnerability VCID-v2g6-bhw9-z3am
55
vulnerability VCID-v9g2-msy2-gbhc
56
vulnerability VCID-wgrw-vedu-j7gv
57
vulnerability VCID-xbpw-d63u-vyc1
58
vulnerability VCID-xsp3-9g35-m7b5
59
vulnerability VCID-y1fm-k61h-27hz
60
vulnerability VCID-yhxt-1rx2-cbc1
61
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4
1
url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-81rk-djd7-wkau
19
vulnerability VCID-9gtz-2mce-kuf6
20
vulnerability VCID-a3vs-h3s5-zbdw
21
vulnerability VCID-afbw-asht-7bbq
22
vulnerability VCID-aqh3-9esc-jqg7
23
vulnerability VCID-arjj-gn1s-yue1
24
vulnerability VCID-ax7h-qsmd-hyc9
25
vulnerability VCID-btq8-dzuk-4yfk
26
vulnerability VCID-bytg-r7hs-gyeg
27
vulnerability VCID-c2n4-uugz-wfac
28
vulnerability VCID-dwg9-w58z-ufh4
29
vulnerability VCID-ezcv-cbva-kkbe
30
vulnerability VCID-fmqa-fers-5ydf
31
vulnerability VCID-fnfu-a29f-ryeg
32
vulnerability VCID-gg77-12mg-k7d2
33
vulnerability VCID-h257-3sze-qqbu
34
vulnerability VCID-hs9d-5q1m-97gk
35
vulnerability VCID-jvqj-5f2g-u7d7
36
vulnerability VCID-mzzq-s6gj-k3hw
37
vulnerability VCID-ndst-6nx1-1qcp
38
vulnerability VCID-nmgp-gqkw-xkd1
39
vulnerability VCID-nzk9-p4dt-wfg6
40
vulnerability VCID-p76p-4a8h-cffj
41
vulnerability VCID-p82j-3rgh-tqgf
42
vulnerability VCID-q9zx-mkrf-k3bh
43
vulnerability VCID-qvy8-nuu4-ufc5
44
vulnerability VCID-qxhg-65zp-ufe2
45
vulnerability VCID-s2q8-deht-k3af
46
vulnerability VCID-snd9-bt5h-6ycw
47
vulnerability VCID-spyc-te21-j3dk
48
vulnerability VCID-syex-x1gz-3yhj
49
vulnerability VCID-tusm-masj-pyag
50
vulnerability VCID-uvcz-5mb9-syeq
51
vulnerability VCID-v2g6-bhw9-z3am
52
vulnerability VCID-v9g2-msy2-gbhc
53
vulnerability VCID-wgrw-vedu-j7gv
54
vulnerability VCID-xbpw-d63u-vyc1
55
vulnerability VCID-y1fm-k61h-27hz
56
vulnerability VCID-yhxt-1rx2-cbc1
57
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2
2
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2017-14975
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4mt9-s54t-uub2
8
url VCID-4wbd-xbks-b3c7
vulnerability_id VCID-4wbd-xbks-b3c7
summary An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18897.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-18897.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-18897
reference_id
reference_type
scores
0
value 0.0015
scoring_system epss
scoring_elements 0.35283
published_at 2026-06-04T12:55:00Z
1
value 0.0015
scoring_system epss
scoring_elements 0.35379
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-18897
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18897
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18897
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1646546
reference_id 1646546
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1646546
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913164
reference_id 913164
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913164
6
reference_url https://access.redhat.com/errata/RHSA-2019:2022
reference_id RHSA-2019:2022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2022
7
reference_url https://access.redhat.com/errata/RHSA-2019:2713
reference_id RHSA-2019:2713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2713
8
reference_url https://usn.ubuntu.com/4042-1/
reference_id USN-4042-1
reference_type
scores
url https://usn.ubuntu.com/4042-1/
fixed_packages
0
url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25s4-qujz-8kcf
1
vulnerability VCID-2xrd-q3wc-kfhj
2
vulnerability VCID-4n4u-c4u9-kkep
3
vulnerability VCID-4y9q-jfwk-5bde
4
vulnerability VCID-61wf-ahyh-dkb7
5
vulnerability VCID-arhw-n285-r3dv
6
vulnerability VCID-e3pp-vnez-rude
7
vulnerability VCID-h257-3sze-qqbu
8
vulnerability VCID-ndst-6nx1-1qcp
9
vulnerability VCID-nzk9-p4dt-wfg6
10
vulnerability VCID-qvy8-nuu4-ufc5
11
vulnerability VCID-r2f4-bgaw-t7gu
12
vulnerability VCID-s2q8-deht-k3af
13
vulnerability VCID-sw3e-49nw-w7fv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1
aliases CVE-2018-18897
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4wbd-xbks-b3c7
9
url VCID-5py6-nrs3-13f5
vulnerability_id VCID-5py6-nrs3-13f5
summary In Poppler 0.59.0, a NULL Pointer Dereference exists in AnnotRichMedia::Configuration::Configuration in Annot.cc via a crafted PDF document.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14928.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14928.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-14928
reference_id
reference_type
scores
0
value 0.00173
scoring_system epss
scoring_elements 0.38397
published_at 2026-06-04T12:55:00Z
1
value 0.00173
scoring_system epss
scoring_elements 0.38485
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-14928
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14928
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14928
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.9
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:N/I:N/A:C
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1500322
reference_id 1500322
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1500322
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877231
reference_id 877231
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877231
6
reference_url https://usn.ubuntu.com/3440-1/
reference_id USN-3440-1
reference_type
scores
url https://usn.ubuntu.com/3440-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2017-14928
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5py6-nrs3-13f5
10
url VCID-61wf-ahyh-dkb7
vulnerability_id VCID-61wf-ahyh-dkb7
summary poppler: Reachable assertion in Object.h
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38349.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38349.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-38349
reference_id
reference_type
scores
0
value 0.0002
scoring_system epss
scoring_elements 0.05655
published_at 2026-06-04T12:55:00Z
1
value 0.0002
scoring_system epss
scoring_elements 0.05675
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-38349
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38349
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38349
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://gitlab.freedesktop.org/poppler/poppler/-/issues/1282
reference_id 1282
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:39:03Z/
url https://gitlab.freedesktop.org/poppler/poppler/-/issues/1282
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2251630
reference_id 2251630
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2251630
6
reference_url https://gitlab.freedesktop.org/poppler/poppler/-/commit/4564a002bcb6094cc460bc0d5ddff9423fe6dd28
reference_id 4564a002bcb6094cc460bc0d5ddff9423fe6dd28
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T14:39:03Z/
url https://gitlab.freedesktop.org/poppler/poppler/-/commit/4564a002bcb6094cc460bc0d5ddff9423fe6dd28
7
reference_url https://usn.ubuntu.com/6508-1/
reference_id USN-6508-1
reference_type
scores
url https://usn.ubuntu.com/6508-1/
fixed_packages
0
url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1
purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25s4-qujz-8kcf
1
vulnerability VCID-4n4u-c4u9-kkep
2
vulnerability VCID-4y9q-jfwk-5bde
3
vulnerability VCID-arhw-n285-r3dv
4
vulnerability VCID-e3pp-vnez-rude
5
vulnerability VCID-r2f4-bgaw-t7gu
6
vulnerability VCID-sw3e-49nw-w7fv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1
aliases CVE-2022-38349
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-61wf-ahyh-dkb7
11
url VCID-62zk-x2n8-wudz
vulnerability_id VCID-62zk-x2n8-wudz
summary A reachable Object::getString assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to construction of invalid rich media annotation assets in the AnnotRichMedia class in Annot.c.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20551.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20551.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-20551
reference_id
reference_type
scores
0
value 0.00309
scoring_system epss
scoring_elements 0.54362
published_at 2026-06-04T12:55:00Z
1
value 0.00309
scoring_system epss
scoring_elements 0.54418
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-20551
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20551
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20551
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1665259
reference_id 1665259
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1665259
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917525
reference_id 917525
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917525
6
reference_url https://access.redhat.com/errata/RHSA-2019:2713
reference_id RHSA-2019:2713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2713
7
reference_url https://usn.ubuntu.com/3886-1/
reference_id USN-3886-1
reference_type
scores
url https://usn.ubuntu.com/3886-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2018-20551
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-62zk-x2n8-wudz
12
url VCID-6x2t-evww-sbdv
vulnerability_id VCID-6x2t-evww-sbdv
summary The FoFiType1C::convertToType0 function in FoFiType1C.cc in Poppler 0.59.0 has a heap-based buffer over-read vulnerability if an out-of-bounds font dictionary index is encountered, which allows an attacker to launch a denial of service attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14976.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14976.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-14976
reference_id
reference_type
scores
0
value 0.01093
scoring_system epss
scoring_elements 0.78307
published_at 2026-06-04T12:55:00Z
1
value 0.01093
scoring_system epss
scoring_elements 0.78333
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-14976
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1500345
reference_id 1500345
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1500345
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877954
reference_id 877954
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877954
18
reference_url https://security.gentoo.org/glsa/201804-03
reference_id GLSA-201804-03
reference_type
scores
url https://security.gentoo.org/glsa/201804-03
19
reference_url https://usn.ubuntu.com/3517-1/
reference_id USN-3517-1
reference_type
scores
url https://usn.ubuntu.com/3517-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-7ukn-38hy-dffs
19
vulnerability VCID-81rk-djd7-wkau
20
vulnerability VCID-9gtz-2mce-kuf6
21
vulnerability VCID-a3vs-h3s5-zbdw
22
vulnerability VCID-afbw-asht-7bbq
23
vulnerability VCID-aqh3-9esc-jqg7
24
vulnerability VCID-arjj-gn1s-yue1
25
vulnerability VCID-ax7h-qsmd-hyc9
26
vulnerability VCID-btq8-dzuk-4yfk
27
vulnerability VCID-bytg-r7hs-gyeg
28
vulnerability VCID-c2n4-uugz-wfac
29
vulnerability VCID-dwg9-w58z-ufh4
30
vulnerability VCID-e144-8aet-7kbn
31
vulnerability VCID-ezcv-cbva-kkbe
32
vulnerability VCID-fmqa-fers-5ydf
33
vulnerability VCID-fnfu-a29f-ryeg
34
vulnerability VCID-gg77-12mg-k7d2
35
vulnerability VCID-h257-3sze-qqbu
36
vulnerability VCID-hs9d-5q1m-97gk
37
vulnerability VCID-jvqj-5f2g-u7d7
38
vulnerability VCID-mzzq-s6gj-k3hw
39
vulnerability VCID-ndst-6nx1-1qcp
40
vulnerability VCID-nmgp-gqkw-xkd1
41
vulnerability VCID-nzk9-p4dt-wfg6
42
vulnerability VCID-p76p-4a8h-cffj
43
vulnerability VCID-p82j-3rgh-tqgf
44
vulnerability VCID-q9zx-mkrf-k3bh
45
vulnerability VCID-qvy8-nuu4-ufc5
46
vulnerability VCID-qxhg-65zp-ufe2
47
vulnerability VCID-re3v-ymkc-53bt
48
vulnerability VCID-s2q8-deht-k3af
49
vulnerability VCID-snd9-bt5h-6ycw
50
vulnerability VCID-spyc-te21-j3dk
51
vulnerability VCID-syex-x1gz-3yhj
52
vulnerability VCID-tusm-masj-pyag
53
vulnerability VCID-uvcz-5mb9-syeq
54
vulnerability VCID-v2g6-bhw9-z3am
55
vulnerability VCID-v9g2-msy2-gbhc
56
vulnerability VCID-wgrw-vedu-j7gv
57
vulnerability VCID-xbpw-d63u-vyc1
58
vulnerability VCID-xsp3-9g35-m7b5
59
vulnerability VCID-y1fm-k61h-27hz
60
vulnerability VCID-yhxt-1rx2-cbc1
61
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4
1
url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-81rk-djd7-wkau
19
vulnerability VCID-9gtz-2mce-kuf6
20
vulnerability VCID-a3vs-h3s5-zbdw
21
vulnerability VCID-afbw-asht-7bbq
22
vulnerability VCID-aqh3-9esc-jqg7
23
vulnerability VCID-arjj-gn1s-yue1
24
vulnerability VCID-ax7h-qsmd-hyc9
25
vulnerability VCID-btq8-dzuk-4yfk
26
vulnerability VCID-bytg-r7hs-gyeg
27
vulnerability VCID-c2n4-uugz-wfac
28
vulnerability VCID-dwg9-w58z-ufh4
29
vulnerability VCID-ezcv-cbva-kkbe
30
vulnerability VCID-fmqa-fers-5ydf
31
vulnerability VCID-fnfu-a29f-ryeg
32
vulnerability VCID-gg77-12mg-k7d2
33
vulnerability VCID-h257-3sze-qqbu
34
vulnerability VCID-hs9d-5q1m-97gk
35
vulnerability VCID-jvqj-5f2g-u7d7
36
vulnerability VCID-mzzq-s6gj-k3hw
37
vulnerability VCID-ndst-6nx1-1qcp
38
vulnerability VCID-nmgp-gqkw-xkd1
39
vulnerability VCID-nzk9-p4dt-wfg6
40
vulnerability VCID-p76p-4a8h-cffj
41
vulnerability VCID-p82j-3rgh-tqgf
42
vulnerability VCID-q9zx-mkrf-k3bh
43
vulnerability VCID-qvy8-nuu4-ufc5
44
vulnerability VCID-qxhg-65zp-ufe2
45
vulnerability VCID-s2q8-deht-k3af
46
vulnerability VCID-snd9-bt5h-6ycw
47
vulnerability VCID-spyc-te21-j3dk
48
vulnerability VCID-syex-x1gz-3yhj
49
vulnerability VCID-tusm-masj-pyag
50
vulnerability VCID-uvcz-5mb9-syeq
51
vulnerability VCID-v2g6-bhw9-z3am
52
vulnerability VCID-v9g2-msy2-gbhc
53
vulnerability VCID-wgrw-vedu-j7gv
54
vulnerability VCID-xbpw-d63u-vyc1
55
vulnerability VCID-y1fm-k61h-27hz
56
vulnerability VCID-yhxt-1rx2-cbc1
57
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2
2
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2017-14976
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6x2t-evww-sbdv
13
url VCID-75bw-nnk3-5ka5
vulnerability_id VCID-75bw-nnk3-5ka5
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38784.json
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-38784.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-38784
reference_id
reference_type
scores
0
value 0.00095
scoring_system epss
scoring_elements 0.26267
published_at 2026-06-04T12:55:00Z
1
value 0.00095
scoring_system epss
scoring_elements 0.26371
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-38784
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27337
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27337
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38784
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38784
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018971
reference_id 1018971
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018971
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2124527
reference_id 2124527
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2124527
7
reference_url https://security.archlinux.org/AVG-2812
reference_id AVG-2812
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2812
8
reference_url https://security.gentoo.org/glsa/202209-21
reference_id GLSA-202209-21
reference_type
scores
url https://security.gentoo.org/glsa/202209-21
9
reference_url https://access.redhat.com/errata/RHSA-2023:2259
reference_id RHSA-2023:2259
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2259
10
reference_url https://access.redhat.com/errata/RHSA-2023:2810
reference_id RHSA-2023:2810
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:2810
11
reference_url https://usn.ubuntu.com/5606-1/
reference_id USN-5606-1
reference_type
scores
url https://usn.ubuntu.com/5606-1/
fixed_packages
0
url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25s4-qujz-8kcf
1
vulnerability VCID-2xrd-q3wc-kfhj
2
vulnerability VCID-4n4u-c4u9-kkep
3
vulnerability VCID-4y9q-jfwk-5bde
4
vulnerability VCID-61wf-ahyh-dkb7
5
vulnerability VCID-arhw-n285-r3dv
6
vulnerability VCID-e3pp-vnez-rude
7
vulnerability VCID-h257-3sze-qqbu
8
vulnerability VCID-ndst-6nx1-1qcp
9
vulnerability VCID-nzk9-p4dt-wfg6
10
vulnerability VCID-qvy8-nuu4-ufc5
11
vulnerability VCID-r2f4-bgaw-t7gu
12
vulnerability VCID-s2q8-deht-k3af
13
vulnerability VCID-sw3e-49nw-w7fv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1
aliases CVE-2022-38784
risk_score 3.5
exploitability 0.5
weighted_severity 7.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-75bw-nnk3-5ka5
14
url VCID-7bkp-b1ww-7qct
vulnerability_id VCID-7bkp-b1ww-7qct
summary An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10871.json
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10871.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10871
reference_id
reference_type
scores
0
value 0.00628
scoring_system epss
scoring_elements 0.70634
published_at 2026-06-04T12:55:00Z
1
value 0.00628
scoring_system epss
scoring_elements 0.70676
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10871
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10871
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10871
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1696636
reference_id 1696636
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1696636
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926529
reference_id 926529
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926529
6
reference_url https://access.redhat.com/errata/RHSA-2019:2713
reference_id RHSA-2019:2713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2713
7
reference_url https://access.redhat.com/errata/RHSA-2020:1074
reference_id RHSA-2020:1074
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1074
8
reference_url https://usn.ubuntu.com/4646-1/
reference_id USN-4646-1
reference_type
scores
url https://usn.ubuntu.com/4646-1/
fixed_packages
0
url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25s4-qujz-8kcf
1
vulnerability VCID-2xrd-q3wc-kfhj
2
vulnerability VCID-4n4u-c4u9-kkep
3
vulnerability VCID-4y9q-jfwk-5bde
4
vulnerability VCID-61wf-ahyh-dkb7
5
vulnerability VCID-arhw-n285-r3dv
6
vulnerability VCID-e3pp-vnez-rude
7
vulnerability VCID-h257-3sze-qqbu
8
vulnerability VCID-ndst-6nx1-1qcp
9
vulnerability VCID-nzk9-p4dt-wfg6
10
vulnerability VCID-qvy8-nuu4-ufc5
11
vulnerability VCID-r2f4-bgaw-t7gu
12
vulnerability VCID-s2q8-deht-k3af
13
vulnerability VCID-sw3e-49nw-w7fv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1
aliases CVE-2019-10871
risk_score 2.3
exploitability 0.5
weighted_severity 4.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7bkp-b1ww-7qct
15
url VCID-7fqy-zt39-2ka2
vulnerability_id VCID-7fqy-zt39-2ka2
summary FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has infinite recursion, leading to a call to the error function in Error.cc.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11026.json
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-11026.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-11026
reference_id
reference_type
scores
0
value 0.00514
scoring_system epss
scoring_elements 0.66953
published_at 2026-06-04T12:55:00Z
1
value 0.00514
scoring_system epss
scoring_elements 0.66994
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-11026
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11026
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11026
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1699862
reference_id 1699862
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1699862
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926721
reference_id 926721
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926721
fixed_packages
0
url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25s4-qujz-8kcf
1
vulnerability VCID-2xrd-q3wc-kfhj
2
vulnerability VCID-4n4u-c4u9-kkep
3
vulnerability VCID-4y9q-jfwk-5bde
4
vulnerability VCID-61wf-ahyh-dkb7
5
vulnerability VCID-arhw-n285-r3dv
6
vulnerability VCID-e3pp-vnez-rude
7
vulnerability VCID-h257-3sze-qqbu
8
vulnerability VCID-ndst-6nx1-1qcp
9
vulnerability VCID-nzk9-p4dt-wfg6
10
vulnerability VCID-qvy8-nuu4-ufc5
11
vulnerability VCID-r2f4-bgaw-t7gu
12
vulnerability VCID-s2q8-deht-k3af
13
vulnerability VCID-sw3e-49nw-w7fv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1
aliases CVE-2019-11026
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7fqy-zt39-2ka2
16
url VCID-7nuu-hq66-67es
vulnerability_id VCID-7nuu-hq66-67es
summary In Poppler 0.59.0, a floating point exception occurs in Splash::scaleImageYuXd() in Splash.cc, which may lead to a potential attack when handling malicious PDF files.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14520.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14520.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-14520
reference_id
reference_type
scores
0
value 0.00223
scoring_system epss
scoring_elements 0.45036
published_at 2026-06-04T12:55:00Z
1
value 0.00223
scoring_system epss
scoring_elements 0.45105
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-14520
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1494582
reference_id 1494582
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1494582
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876081
reference_id 876081
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876081
18
reference_url https://usn.ubuntu.com/3440-1/
reference_id USN-3440-1
reference_type
scores
url https://usn.ubuntu.com/3440-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-7ukn-38hy-dffs
19
vulnerability VCID-81rk-djd7-wkau
20
vulnerability VCID-9gtz-2mce-kuf6
21
vulnerability VCID-a3vs-h3s5-zbdw
22
vulnerability VCID-afbw-asht-7bbq
23
vulnerability VCID-aqh3-9esc-jqg7
24
vulnerability VCID-arjj-gn1s-yue1
25
vulnerability VCID-ax7h-qsmd-hyc9
26
vulnerability VCID-btq8-dzuk-4yfk
27
vulnerability VCID-bytg-r7hs-gyeg
28
vulnerability VCID-c2n4-uugz-wfac
29
vulnerability VCID-dwg9-w58z-ufh4
30
vulnerability VCID-e144-8aet-7kbn
31
vulnerability VCID-ezcv-cbva-kkbe
32
vulnerability VCID-fmqa-fers-5ydf
33
vulnerability VCID-fnfu-a29f-ryeg
34
vulnerability VCID-gg77-12mg-k7d2
35
vulnerability VCID-h257-3sze-qqbu
36
vulnerability VCID-hs9d-5q1m-97gk
37
vulnerability VCID-jvqj-5f2g-u7d7
38
vulnerability VCID-mzzq-s6gj-k3hw
39
vulnerability VCID-ndst-6nx1-1qcp
40
vulnerability VCID-nmgp-gqkw-xkd1
41
vulnerability VCID-nzk9-p4dt-wfg6
42
vulnerability VCID-p76p-4a8h-cffj
43
vulnerability VCID-p82j-3rgh-tqgf
44
vulnerability VCID-q9zx-mkrf-k3bh
45
vulnerability VCID-qvy8-nuu4-ufc5
46
vulnerability VCID-qxhg-65zp-ufe2
47
vulnerability VCID-re3v-ymkc-53bt
48
vulnerability VCID-s2q8-deht-k3af
49
vulnerability VCID-snd9-bt5h-6ycw
50
vulnerability VCID-spyc-te21-j3dk
51
vulnerability VCID-syex-x1gz-3yhj
52
vulnerability VCID-tusm-masj-pyag
53
vulnerability VCID-uvcz-5mb9-syeq
54
vulnerability VCID-v2g6-bhw9-z3am
55
vulnerability VCID-v9g2-msy2-gbhc
56
vulnerability VCID-wgrw-vedu-j7gv
57
vulnerability VCID-xbpw-d63u-vyc1
58
vulnerability VCID-xsp3-9g35-m7b5
59
vulnerability VCID-y1fm-k61h-27hz
60
vulnerability VCID-yhxt-1rx2-cbc1
61
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4
1
url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-81rk-djd7-wkau
19
vulnerability VCID-9gtz-2mce-kuf6
20
vulnerability VCID-a3vs-h3s5-zbdw
21
vulnerability VCID-afbw-asht-7bbq
22
vulnerability VCID-aqh3-9esc-jqg7
23
vulnerability VCID-arjj-gn1s-yue1
24
vulnerability VCID-ax7h-qsmd-hyc9
25
vulnerability VCID-btq8-dzuk-4yfk
26
vulnerability VCID-bytg-r7hs-gyeg
27
vulnerability VCID-c2n4-uugz-wfac
28
vulnerability VCID-dwg9-w58z-ufh4
29
vulnerability VCID-ezcv-cbva-kkbe
30
vulnerability VCID-fmqa-fers-5ydf
31
vulnerability VCID-fnfu-a29f-ryeg
32
vulnerability VCID-gg77-12mg-k7d2
33
vulnerability VCID-h257-3sze-qqbu
34
vulnerability VCID-hs9d-5q1m-97gk
35
vulnerability VCID-jvqj-5f2g-u7d7
36
vulnerability VCID-mzzq-s6gj-k3hw
37
vulnerability VCID-ndst-6nx1-1qcp
38
vulnerability VCID-nmgp-gqkw-xkd1
39
vulnerability VCID-nzk9-p4dt-wfg6
40
vulnerability VCID-p76p-4a8h-cffj
41
vulnerability VCID-p82j-3rgh-tqgf
42
vulnerability VCID-q9zx-mkrf-k3bh
43
vulnerability VCID-qvy8-nuu4-ufc5
44
vulnerability VCID-qxhg-65zp-ufe2
45
vulnerability VCID-s2q8-deht-k3af
46
vulnerability VCID-snd9-bt5h-6ycw
47
vulnerability VCID-spyc-te21-j3dk
48
vulnerability VCID-syex-x1gz-3yhj
49
vulnerability VCID-tusm-masj-pyag
50
vulnerability VCID-uvcz-5mb9-syeq
51
vulnerability VCID-v2g6-bhw9-z3am
52
vulnerability VCID-v9g2-msy2-gbhc
53
vulnerability VCID-wgrw-vedu-j7gv
54
vulnerability VCID-xbpw-d63u-vyc1
55
vulnerability VCID-y1fm-k61h-27hz
56
vulnerability VCID-yhxt-1rx2-cbc1
57
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2
2
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2017-14520
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7nuu-hq66-67es
17
url VCID-7thh-twxp-j3fh
vulnerability_id VCID-7thh-twxp-j3fh
summary poppler through version 0.55.0 is vulnerable to an uncontrolled recursion in pdfunite resulting into potential denial-of-service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7515.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7515.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7515
reference_id
reference_type
scores
0
value 0.00216
scoring_system epss
scoring_elements 0.44116
published_at 2026-06-04T12:55:00Z
1
value 0.00216
scoring_system epss
scoring_elements 0.44184
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7515
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7515
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7515
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P
1
value 2.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1459066
reference_id 1459066
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1459066
5
reference_url https://usn.ubuntu.com/3350-1/
reference_id USN-3350-1
reference_type
scores
url https://usn.ubuntu.com/3350-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2017-7515
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7thh-twxp-j3fh
18
url VCID-7ukn-38hy-dffs
vulnerability_id VCID-7ukn-38hy-dffs
summary There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are not affected.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10768.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10768.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-10768
reference_id
reference_type
scores
0
value 0.01853
scoring_system epss
scoring_elements 0.83365
published_at 2026-06-04T12:55:00Z
1
value 0.01853
scoring_system epss
scoring_elements 0.83389
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-10768
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10768
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10768
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1576169
reference_id 1576169
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1576169
5
reference_url https://access.redhat.com/errata/RHSA-2018:3140
reference_id RHSA-2018:3140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3140
6
reference_url https://usn.ubuntu.com/3647-1/
reference_id USN-3647-1
reference_type
scores
url https://usn.ubuntu.com/3647-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-81rk-djd7-wkau
19
vulnerability VCID-9gtz-2mce-kuf6
20
vulnerability VCID-a3vs-h3s5-zbdw
21
vulnerability VCID-afbw-asht-7bbq
22
vulnerability VCID-aqh3-9esc-jqg7
23
vulnerability VCID-arjj-gn1s-yue1
24
vulnerability VCID-ax7h-qsmd-hyc9
25
vulnerability VCID-btq8-dzuk-4yfk
26
vulnerability VCID-bytg-r7hs-gyeg
27
vulnerability VCID-c2n4-uugz-wfac
28
vulnerability VCID-dwg9-w58z-ufh4
29
vulnerability VCID-ezcv-cbva-kkbe
30
vulnerability VCID-fmqa-fers-5ydf
31
vulnerability VCID-fnfu-a29f-ryeg
32
vulnerability VCID-gg77-12mg-k7d2
33
vulnerability VCID-h257-3sze-qqbu
34
vulnerability VCID-hs9d-5q1m-97gk
35
vulnerability VCID-jvqj-5f2g-u7d7
36
vulnerability VCID-mzzq-s6gj-k3hw
37
vulnerability VCID-ndst-6nx1-1qcp
38
vulnerability VCID-nmgp-gqkw-xkd1
39
vulnerability VCID-nzk9-p4dt-wfg6
40
vulnerability VCID-p76p-4a8h-cffj
41
vulnerability VCID-p82j-3rgh-tqgf
42
vulnerability VCID-q9zx-mkrf-k3bh
43
vulnerability VCID-qvy8-nuu4-ufc5
44
vulnerability VCID-qxhg-65zp-ufe2
45
vulnerability VCID-s2q8-deht-k3af
46
vulnerability VCID-snd9-bt5h-6ycw
47
vulnerability VCID-spyc-te21-j3dk
48
vulnerability VCID-syex-x1gz-3yhj
49
vulnerability VCID-tusm-masj-pyag
50
vulnerability VCID-uvcz-5mb9-syeq
51
vulnerability VCID-v2g6-bhw9-z3am
52
vulnerability VCID-v9g2-msy2-gbhc
53
vulnerability VCID-wgrw-vedu-j7gv
54
vulnerability VCID-xbpw-d63u-vyc1
55
vulnerability VCID-y1fm-k61h-27hz
56
vulnerability VCID-yhxt-1rx2-cbc1
57
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2
aliases CVE-2018-10768
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7ukn-38hy-dffs
19
url VCID-81rk-djd7-wkau
vulnerability_id VCID-81rk-djd7-wkau
summary An issue was discovered in Poppler 0.74.0. There is a NULL pointer dereference in the function SplashClip::clipAALine at splash/SplashClip.cc.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10873.json
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10873.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10873
reference_id
reference_type
scores
0
value 0.00788
scoring_system epss
scoring_elements 0.74213
published_at 2026-06-04T12:55:00Z
1
value 0.00788
scoring_system epss
scoring_elements 0.74246
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10873
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10873
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10873
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1696637
reference_id 1696637
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1696637
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926532
reference_id 926532
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926532
6
reference_url https://usn.ubuntu.com/4042-1/
reference_id USN-4042-1
reference_type
scores
url https://usn.ubuntu.com/4042-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2019-10873
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-81rk-djd7-wkau
20
url VCID-9gtz-2mce-kuf6
vulnerability_id VCID-9gtz-2mce-kuf6
summary An issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function Splash::blitTransparent at splash/Splash.cc.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10872.json
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10872.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10872
reference_id
reference_type
scores
0
value 0.00935
scoring_system epss
scoring_elements 0.76534
published_at 2026-06-04T12:55:00Z
1
value 0.00935
scoring_system epss
scoring_elements 0.76563
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10872
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10872
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10872
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1696638
reference_id 1696638
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1696638
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926530
reference_id 926530
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926530
6
reference_url https://usn.ubuntu.com/4042-1/
reference_id USN-4042-1
reference_type
scores
url https://usn.ubuntu.com/4042-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2019-10872
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9gtz-2mce-kuf6
21
url VCID-a3vs-h3s5-zbdw
vulnerability_id VCID-a3vs-h3s5-zbdw
summary A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec class (in FileSpec.cc) in pdfdetach.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20650.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20650.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-20650
reference_id
reference_type
scores
0
value 0.00355
scoring_system epss
scoring_elements 0.58066
published_at 2026-06-04T12:55:00Z
1
value 0.00355
scoring_system epss
scoring_elements 0.58117
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-20650
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20650
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20650
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1665263
reference_id 1665263
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1665263
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917974
reference_id 917974
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917974
6
reference_url https://access.redhat.com/errata/RHSA-2019:2022
reference_id RHSA-2019:2022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2022
7
reference_url https://access.redhat.com/errata/RHSA-2019:2713
reference_id RHSA-2019:2713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2713
8
reference_url https://usn.ubuntu.com/3865-1/
reference_id USN-3865-1
reference_type
scores
url https://usn.ubuntu.com/3865-1/
fixed_packages
0
url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25s4-qujz-8kcf
1
vulnerability VCID-2xrd-q3wc-kfhj
2
vulnerability VCID-4n4u-c4u9-kkep
3
vulnerability VCID-4y9q-jfwk-5bde
4
vulnerability VCID-61wf-ahyh-dkb7
5
vulnerability VCID-arhw-n285-r3dv
6
vulnerability VCID-e3pp-vnez-rude
7
vulnerability VCID-h257-3sze-qqbu
8
vulnerability VCID-ndst-6nx1-1qcp
9
vulnerability VCID-nzk9-p4dt-wfg6
10
vulnerability VCID-qvy8-nuu4-ufc5
11
vulnerability VCID-r2f4-bgaw-t7gu
12
vulnerability VCID-s2q8-deht-k3af
13
vulnerability VCID-sw3e-49nw-w7fv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1
aliases CVE-2018-20650
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a3vs-h3s5-zbdw
22
url VCID-afbw-asht-7bbq
vulnerability_id VCID-afbw-asht-7bbq
summary Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9631.json
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9631.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9631
reference_id
reference_type
scores
0
value 0.02178
scoring_system epss
scoring_elements 0.84654
published_at 2026-06-04T12:55:00Z
1
value 0.02178
scoring_system epss
scoring_elements 0.84678
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9631
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9631
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9631
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1686802
reference_id 1686802
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1686802
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926673
reference_id 926673
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926673
6
reference_url https://access.redhat.com/errata/RHSA-2019:2022
reference_id RHSA-2019:2022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2022
7
reference_url https://access.redhat.com/errata/RHSA-2019:2713
reference_id RHSA-2019:2713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2713
8
reference_url https://usn.ubuntu.com/4042-1/
reference_id USN-4042-1
reference_type
scores
url https://usn.ubuntu.com/4042-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2019-9631
risk_score 2.3
exploitability 0.5
weighted_severity 4.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-afbw-asht-7bbq
23
url VCID-aqh3-9esc-jqg7
vulnerability_id VCID-aqh3-9esc-jqg7
summary In Poppler 0.59.0, a NULL Pointer Dereference exists in the XRef::parseEntry() function in XRef.cc via a crafted PDF document.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14517.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14517.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-14517
reference_id
reference_type
scores
0
value 0.00231
scoring_system epss
scoring_elements 0.45967
published_at 2026-06-04T12:55:00Z
1
value 0.00231
scoring_system epss
scoring_elements 0.46036
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-14517
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1499162
reference_id 1499162
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1499162
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876079
reference_id 876079
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876079
18
reference_url https://usn.ubuntu.com/3433-1/
reference_id USN-3433-1
reference_type
scores
url https://usn.ubuntu.com/3433-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-7ukn-38hy-dffs
19
vulnerability VCID-81rk-djd7-wkau
20
vulnerability VCID-9gtz-2mce-kuf6
21
vulnerability VCID-a3vs-h3s5-zbdw
22
vulnerability VCID-afbw-asht-7bbq
23
vulnerability VCID-aqh3-9esc-jqg7
24
vulnerability VCID-arjj-gn1s-yue1
25
vulnerability VCID-ax7h-qsmd-hyc9
26
vulnerability VCID-btq8-dzuk-4yfk
27
vulnerability VCID-bytg-r7hs-gyeg
28
vulnerability VCID-c2n4-uugz-wfac
29
vulnerability VCID-dwg9-w58z-ufh4
30
vulnerability VCID-e144-8aet-7kbn
31
vulnerability VCID-ezcv-cbva-kkbe
32
vulnerability VCID-fmqa-fers-5ydf
33
vulnerability VCID-fnfu-a29f-ryeg
34
vulnerability VCID-gg77-12mg-k7d2
35
vulnerability VCID-h257-3sze-qqbu
36
vulnerability VCID-hs9d-5q1m-97gk
37
vulnerability VCID-jvqj-5f2g-u7d7
38
vulnerability VCID-mzzq-s6gj-k3hw
39
vulnerability VCID-ndst-6nx1-1qcp
40
vulnerability VCID-nmgp-gqkw-xkd1
41
vulnerability VCID-nzk9-p4dt-wfg6
42
vulnerability VCID-p76p-4a8h-cffj
43
vulnerability VCID-p82j-3rgh-tqgf
44
vulnerability VCID-q9zx-mkrf-k3bh
45
vulnerability VCID-qvy8-nuu4-ufc5
46
vulnerability VCID-qxhg-65zp-ufe2
47
vulnerability VCID-re3v-ymkc-53bt
48
vulnerability VCID-s2q8-deht-k3af
49
vulnerability VCID-snd9-bt5h-6ycw
50
vulnerability VCID-spyc-te21-j3dk
51
vulnerability VCID-syex-x1gz-3yhj
52
vulnerability VCID-tusm-masj-pyag
53
vulnerability VCID-uvcz-5mb9-syeq
54
vulnerability VCID-v2g6-bhw9-z3am
55
vulnerability VCID-v9g2-msy2-gbhc
56
vulnerability VCID-wgrw-vedu-j7gv
57
vulnerability VCID-xbpw-d63u-vyc1
58
vulnerability VCID-xsp3-9g35-m7b5
59
vulnerability VCID-y1fm-k61h-27hz
60
vulnerability VCID-yhxt-1rx2-cbc1
61
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4
1
url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-81rk-djd7-wkau
19
vulnerability VCID-9gtz-2mce-kuf6
20
vulnerability VCID-a3vs-h3s5-zbdw
21
vulnerability VCID-afbw-asht-7bbq
22
vulnerability VCID-aqh3-9esc-jqg7
23
vulnerability VCID-arjj-gn1s-yue1
24
vulnerability VCID-ax7h-qsmd-hyc9
25
vulnerability VCID-btq8-dzuk-4yfk
26
vulnerability VCID-bytg-r7hs-gyeg
27
vulnerability VCID-c2n4-uugz-wfac
28
vulnerability VCID-dwg9-w58z-ufh4
29
vulnerability VCID-ezcv-cbva-kkbe
30
vulnerability VCID-fmqa-fers-5ydf
31
vulnerability VCID-fnfu-a29f-ryeg
32
vulnerability VCID-gg77-12mg-k7d2
33
vulnerability VCID-h257-3sze-qqbu
34
vulnerability VCID-hs9d-5q1m-97gk
35
vulnerability VCID-jvqj-5f2g-u7d7
36
vulnerability VCID-mzzq-s6gj-k3hw
37
vulnerability VCID-ndst-6nx1-1qcp
38
vulnerability VCID-nmgp-gqkw-xkd1
39
vulnerability VCID-nzk9-p4dt-wfg6
40
vulnerability VCID-p76p-4a8h-cffj
41
vulnerability VCID-p82j-3rgh-tqgf
42
vulnerability VCID-q9zx-mkrf-k3bh
43
vulnerability VCID-qvy8-nuu4-ufc5
44
vulnerability VCID-qxhg-65zp-ufe2
45
vulnerability VCID-s2q8-deht-k3af
46
vulnerability VCID-snd9-bt5h-6ycw
47
vulnerability VCID-spyc-te21-j3dk
48
vulnerability VCID-syex-x1gz-3yhj
49
vulnerability VCID-tusm-masj-pyag
50
vulnerability VCID-uvcz-5mb9-syeq
51
vulnerability VCID-v2g6-bhw9-z3am
52
vulnerability VCID-v9g2-msy2-gbhc
53
vulnerability VCID-wgrw-vedu-j7gv
54
vulnerability VCID-xbpw-d63u-vyc1
55
vulnerability VCID-y1fm-k61h-27hz
56
vulnerability VCID-yhxt-1rx2-cbc1
57
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2
2
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2017-14517
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-aqh3-9esc-jqg7
24
url VCID-arjj-gn1s-yue1
vulnerability_id VCID-arjj-gn1s-yue1
summary In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12293.json
reference_id
reference_type
scores
0
value 6.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12293.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12293
reference_id
reference_type
scores
0
value 0.00948
scoring_system epss
scoring_elements 0.76699
published_at 2026-06-04T12:55:00Z
1
value 0.00948
scoring_system epss
scoring_elements 0.76728
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12293
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12293
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12293
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1713582
reference_id 1713582
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1713582
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929423
reference_id 929423
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929423
6
reference_url https://access.redhat.com/errata/RHSA-2019:2713
reference_id RHSA-2019:2713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2713
7
reference_url https://access.redhat.com/errata/RHSA-2020:1074
reference_id RHSA-2020:1074
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1074
8
reference_url https://usn.ubuntu.com/4042-1/
reference_id USN-4042-1
reference_type
scores
url https://usn.ubuntu.com/4042-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2019-12293
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-arjj-gn1s-yue1
25
url VCID-ax7h-qsmd-hyc9
vulnerability_id VCID-ax7h-qsmd-hyc9
summary arbitrary code execution
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9775.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9775.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9775
reference_id
reference_type
scores
0
value 0.00742
scoring_system epss
scoring_elements 0.73346
published_at 2026-06-04T12:55:00Z
1
value 0.00742
scoring_system epss
scoring_elements 0.73382
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9775
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1466442
reference_id 1466442
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1466442
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865680
reference_id 865680
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865680
18
reference_url https://security.archlinux.org/ASA-201706-33
reference_id ASA-201706-33
reference_type
scores
url https://security.archlinux.org/ASA-201706-33
19
reference_url https://security.archlinux.org/AVG-326
reference_id AVG-326
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-326
20
reference_url https://access.redhat.com/errata/RHSA-2017:2551
reference_id RHSA-2017:2551
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2551
21
reference_url https://usn.ubuntu.com/3350-1/
reference_id USN-3350-1
reference_type
scores
url https://usn.ubuntu.com/3350-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-7ukn-38hy-dffs
19
vulnerability VCID-81rk-djd7-wkau
20
vulnerability VCID-9gtz-2mce-kuf6
21
vulnerability VCID-a3vs-h3s5-zbdw
22
vulnerability VCID-afbw-asht-7bbq
23
vulnerability VCID-aqh3-9esc-jqg7
24
vulnerability VCID-arjj-gn1s-yue1
25
vulnerability VCID-ax7h-qsmd-hyc9
26
vulnerability VCID-btq8-dzuk-4yfk
27
vulnerability VCID-bytg-r7hs-gyeg
28
vulnerability VCID-c2n4-uugz-wfac
29
vulnerability VCID-dwg9-w58z-ufh4
30
vulnerability VCID-e144-8aet-7kbn
31
vulnerability VCID-ezcv-cbva-kkbe
32
vulnerability VCID-fmqa-fers-5ydf
33
vulnerability VCID-fnfu-a29f-ryeg
34
vulnerability VCID-gg77-12mg-k7d2
35
vulnerability VCID-h257-3sze-qqbu
36
vulnerability VCID-hs9d-5q1m-97gk
37
vulnerability VCID-jvqj-5f2g-u7d7
38
vulnerability VCID-mzzq-s6gj-k3hw
39
vulnerability VCID-ndst-6nx1-1qcp
40
vulnerability VCID-nmgp-gqkw-xkd1
41
vulnerability VCID-nzk9-p4dt-wfg6
42
vulnerability VCID-p76p-4a8h-cffj
43
vulnerability VCID-p82j-3rgh-tqgf
44
vulnerability VCID-q9zx-mkrf-k3bh
45
vulnerability VCID-qvy8-nuu4-ufc5
46
vulnerability VCID-qxhg-65zp-ufe2
47
vulnerability VCID-re3v-ymkc-53bt
48
vulnerability VCID-s2q8-deht-k3af
49
vulnerability VCID-snd9-bt5h-6ycw
50
vulnerability VCID-spyc-te21-j3dk
51
vulnerability VCID-syex-x1gz-3yhj
52
vulnerability VCID-tusm-masj-pyag
53
vulnerability VCID-uvcz-5mb9-syeq
54
vulnerability VCID-v2g6-bhw9-z3am
55
vulnerability VCID-v9g2-msy2-gbhc
56
vulnerability VCID-wgrw-vedu-j7gv
57
vulnerability VCID-xbpw-d63u-vyc1
58
vulnerability VCID-xsp3-9g35-m7b5
59
vulnerability VCID-y1fm-k61h-27hz
60
vulnerability VCID-yhxt-1rx2-cbc1
61
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4
1
url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-81rk-djd7-wkau
19
vulnerability VCID-9gtz-2mce-kuf6
20
vulnerability VCID-a3vs-h3s5-zbdw
21
vulnerability VCID-afbw-asht-7bbq
22
vulnerability VCID-aqh3-9esc-jqg7
23
vulnerability VCID-arjj-gn1s-yue1
24
vulnerability VCID-ax7h-qsmd-hyc9
25
vulnerability VCID-btq8-dzuk-4yfk
26
vulnerability VCID-bytg-r7hs-gyeg
27
vulnerability VCID-c2n4-uugz-wfac
28
vulnerability VCID-dwg9-w58z-ufh4
29
vulnerability VCID-ezcv-cbva-kkbe
30
vulnerability VCID-fmqa-fers-5ydf
31
vulnerability VCID-fnfu-a29f-ryeg
32
vulnerability VCID-gg77-12mg-k7d2
33
vulnerability VCID-h257-3sze-qqbu
34
vulnerability VCID-hs9d-5q1m-97gk
35
vulnerability VCID-jvqj-5f2g-u7d7
36
vulnerability VCID-mzzq-s6gj-k3hw
37
vulnerability VCID-ndst-6nx1-1qcp
38
vulnerability VCID-nmgp-gqkw-xkd1
39
vulnerability VCID-nzk9-p4dt-wfg6
40
vulnerability VCID-p76p-4a8h-cffj
41
vulnerability VCID-p82j-3rgh-tqgf
42
vulnerability VCID-q9zx-mkrf-k3bh
43
vulnerability VCID-qvy8-nuu4-ufc5
44
vulnerability VCID-qxhg-65zp-ufe2
45
vulnerability VCID-s2q8-deht-k3af
46
vulnerability VCID-snd9-bt5h-6ycw
47
vulnerability VCID-spyc-te21-j3dk
48
vulnerability VCID-syex-x1gz-3yhj
49
vulnerability VCID-tusm-masj-pyag
50
vulnerability VCID-uvcz-5mb9-syeq
51
vulnerability VCID-v2g6-bhw9-z3am
52
vulnerability VCID-v9g2-msy2-gbhc
53
vulnerability VCID-wgrw-vedu-j7gv
54
vulnerability VCID-xbpw-d63u-vyc1
55
vulnerability VCID-y1fm-k61h-27hz
56
vulnerability VCID-yhxt-1rx2-cbc1
57
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2
2
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2017-9775
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ax7h-qsmd-hyc9
26
url VCID-btq8-dzuk-4yfk
vulnerability_id VCID-btq8-dzuk-4yfk
summary In Poppler 0.54.0, a memory leak vulnerability was found in the function Object::initArray in Object.cc, which allows attackers to cause a denial of service via a crafted file.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9408.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9408.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9408
reference_id
reference_type
scores
0
value 0.01046
scoring_system epss
scoring_elements 0.77842
published_at 2026-06-04T12:55:00Z
1
value 0.01046
scoring_system epss
scoring_elements 0.77869
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9408
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1458702
reference_id 1458702
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1458702
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864009
reference_id 864009
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864009
18
reference_url https://security.gentoo.org/glsa/201801-17
reference_id GLSA-201801-17
reference_type
scores
url https://security.gentoo.org/glsa/201801-17
19
reference_url https://usn.ubuntu.com/3350-1/
reference_id USN-3350-1
reference_type
scores
url https://usn.ubuntu.com/3350-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-7ukn-38hy-dffs
19
vulnerability VCID-81rk-djd7-wkau
20
vulnerability VCID-9gtz-2mce-kuf6
21
vulnerability VCID-a3vs-h3s5-zbdw
22
vulnerability VCID-afbw-asht-7bbq
23
vulnerability VCID-aqh3-9esc-jqg7
24
vulnerability VCID-arjj-gn1s-yue1
25
vulnerability VCID-ax7h-qsmd-hyc9
26
vulnerability VCID-btq8-dzuk-4yfk
27
vulnerability VCID-bytg-r7hs-gyeg
28
vulnerability VCID-c2n4-uugz-wfac
29
vulnerability VCID-dwg9-w58z-ufh4
30
vulnerability VCID-e144-8aet-7kbn
31
vulnerability VCID-ezcv-cbva-kkbe
32
vulnerability VCID-fmqa-fers-5ydf
33
vulnerability VCID-fnfu-a29f-ryeg
34
vulnerability VCID-gg77-12mg-k7d2
35
vulnerability VCID-h257-3sze-qqbu
36
vulnerability VCID-hs9d-5q1m-97gk
37
vulnerability VCID-jvqj-5f2g-u7d7
38
vulnerability VCID-mzzq-s6gj-k3hw
39
vulnerability VCID-ndst-6nx1-1qcp
40
vulnerability VCID-nmgp-gqkw-xkd1
41
vulnerability VCID-nzk9-p4dt-wfg6
42
vulnerability VCID-p76p-4a8h-cffj
43
vulnerability VCID-p82j-3rgh-tqgf
44
vulnerability VCID-q9zx-mkrf-k3bh
45
vulnerability VCID-qvy8-nuu4-ufc5
46
vulnerability VCID-qxhg-65zp-ufe2
47
vulnerability VCID-re3v-ymkc-53bt
48
vulnerability VCID-s2q8-deht-k3af
49
vulnerability VCID-snd9-bt5h-6ycw
50
vulnerability VCID-spyc-te21-j3dk
51
vulnerability VCID-syex-x1gz-3yhj
52
vulnerability VCID-tusm-masj-pyag
53
vulnerability VCID-uvcz-5mb9-syeq
54
vulnerability VCID-v2g6-bhw9-z3am
55
vulnerability VCID-v9g2-msy2-gbhc
56
vulnerability VCID-wgrw-vedu-j7gv
57
vulnerability VCID-xbpw-d63u-vyc1
58
vulnerability VCID-xsp3-9g35-m7b5
59
vulnerability VCID-y1fm-k61h-27hz
60
vulnerability VCID-yhxt-1rx2-cbc1
61
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4
1
url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-81rk-djd7-wkau
19
vulnerability VCID-9gtz-2mce-kuf6
20
vulnerability VCID-a3vs-h3s5-zbdw
21
vulnerability VCID-afbw-asht-7bbq
22
vulnerability VCID-aqh3-9esc-jqg7
23
vulnerability VCID-arjj-gn1s-yue1
24
vulnerability VCID-ax7h-qsmd-hyc9
25
vulnerability VCID-btq8-dzuk-4yfk
26
vulnerability VCID-bytg-r7hs-gyeg
27
vulnerability VCID-c2n4-uugz-wfac
28
vulnerability VCID-dwg9-w58z-ufh4
29
vulnerability VCID-ezcv-cbva-kkbe
30
vulnerability VCID-fmqa-fers-5ydf
31
vulnerability VCID-fnfu-a29f-ryeg
32
vulnerability VCID-gg77-12mg-k7d2
33
vulnerability VCID-h257-3sze-qqbu
34
vulnerability VCID-hs9d-5q1m-97gk
35
vulnerability VCID-jvqj-5f2g-u7d7
36
vulnerability VCID-mzzq-s6gj-k3hw
37
vulnerability VCID-ndst-6nx1-1qcp
38
vulnerability VCID-nmgp-gqkw-xkd1
39
vulnerability VCID-nzk9-p4dt-wfg6
40
vulnerability VCID-p76p-4a8h-cffj
41
vulnerability VCID-p82j-3rgh-tqgf
42
vulnerability VCID-q9zx-mkrf-k3bh
43
vulnerability VCID-qvy8-nuu4-ufc5
44
vulnerability VCID-qxhg-65zp-ufe2
45
vulnerability VCID-s2q8-deht-k3af
46
vulnerability VCID-snd9-bt5h-6ycw
47
vulnerability VCID-spyc-te21-j3dk
48
vulnerability VCID-syex-x1gz-3yhj
49
vulnerability VCID-tusm-masj-pyag
50
vulnerability VCID-uvcz-5mb9-syeq
51
vulnerability VCID-v2g6-bhw9-z3am
52
vulnerability VCID-v9g2-msy2-gbhc
53
vulnerability VCID-wgrw-vedu-j7gv
54
vulnerability VCID-xbpw-d63u-vyc1
55
vulnerability VCID-y1fm-k61h-27hz
56
vulnerability VCID-yhxt-1rx2-cbc1
57
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2
2
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2017-9408
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-btq8-dzuk-4yfk
27
url VCID-bytg-r7hs-gyeg
vulnerability_id VCID-bytg-r7hs-gyeg
summary The FoFiTrueType::getCFFBlock function in FoFiTrueType.cc in Poppler 0.59.0 has a NULL pointer dereference vulnerability due to lack of validation of a table pointer, which allows an attacker to launch a denial of service attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14977.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14977.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-14977
reference_id
reference_type
scores
0
value 0.01097
scoring_system epss
scoring_elements 0.78346
published_at 2026-06-04T12:55:00Z
1
value 0.01097
scoring_system epss
scoring_elements 0.78372
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-14977
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1500344
reference_id 1500344
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1500344
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877952
reference_id 877952
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877952
18
reference_url https://security.gentoo.org/glsa/201804-03
reference_id GLSA-201804-03
reference_type
scores
url https://security.gentoo.org/glsa/201804-03
19
reference_url https://usn.ubuntu.com/3440-1/
reference_id USN-3440-1
reference_type
scores
url https://usn.ubuntu.com/3440-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-7ukn-38hy-dffs
19
vulnerability VCID-81rk-djd7-wkau
20
vulnerability VCID-9gtz-2mce-kuf6
21
vulnerability VCID-a3vs-h3s5-zbdw
22
vulnerability VCID-afbw-asht-7bbq
23
vulnerability VCID-aqh3-9esc-jqg7
24
vulnerability VCID-arjj-gn1s-yue1
25
vulnerability VCID-ax7h-qsmd-hyc9
26
vulnerability VCID-btq8-dzuk-4yfk
27
vulnerability VCID-bytg-r7hs-gyeg
28
vulnerability VCID-c2n4-uugz-wfac
29
vulnerability VCID-dwg9-w58z-ufh4
30
vulnerability VCID-e144-8aet-7kbn
31
vulnerability VCID-ezcv-cbva-kkbe
32
vulnerability VCID-fmqa-fers-5ydf
33
vulnerability VCID-fnfu-a29f-ryeg
34
vulnerability VCID-gg77-12mg-k7d2
35
vulnerability VCID-h257-3sze-qqbu
36
vulnerability VCID-hs9d-5q1m-97gk
37
vulnerability VCID-jvqj-5f2g-u7d7
38
vulnerability VCID-mzzq-s6gj-k3hw
39
vulnerability VCID-ndst-6nx1-1qcp
40
vulnerability VCID-nmgp-gqkw-xkd1
41
vulnerability VCID-nzk9-p4dt-wfg6
42
vulnerability VCID-p76p-4a8h-cffj
43
vulnerability VCID-p82j-3rgh-tqgf
44
vulnerability VCID-q9zx-mkrf-k3bh
45
vulnerability VCID-qvy8-nuu4-ufc5
46
vulnerability VCID-qxhg-65zp-ufe2
47
vulnerability VCID-re3v-ymkc-53bt
48
vulnerability VCID-s2q8-deht-k3af
49
vulnerability VCID-snd9-bt5h-6ycw
50
vulnerability VCID-spyc-te21-j3dk
51
vulnerability VCID-syex-x1gz-3yhj
52
vulnerability VCID-tusm-masj-pyag
53
vulnerability VCID-uvcz-5mb9-syeq
54
vulnerability VCID-v2g6-bhw9-z3am
55
vulnerability VCID-v9g2-msy2-gbhc
56
vulnerability VCID-wgrw-vedu-j7gv
57
vulnerability VCID-xbpw-d63u-vyc1
58
vulnerability VCID-xsp3-9g35-m7b5
59
vulnerability VCID-y1fm-k61h-27hz
60
vulnerability VCID-yhxt-1rx2-cbc1
61
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4
1
url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-81rk-djd7-wkau
19
vulnerability VCID-9gtz-2mce-kuf6
20
vulnerability VCID-a3vs-h3s5-zbdw
21
vulnerability VCID-afbw-asht-7bbq
22
vulnerability VCID-aqh3-9esc-jqg7
23
vulnerability VCID-arjj-gn1s-yue1
24
vulnerability VCID-ax7h-qsmd-hyc9
25
vulnerability VCID-btq8-dzuk-4yfk
26
vulnerability VCID-bytg-r7hs-gyeg
27
vulnerability VCID-c2n4-uugz-wfac
28
vulnerability VCID-dwg9-w58z-ufh4
29
vulnerability VCID-ezcv-cbva-kkbe
30
vulnerability VCID-fmqa-fers-5ydf
31
vulnerability VCID-fnfu-a29f-ryeg
32
vulnerability VCID-gg77-12mg-k7d2
33
vulnerability VCID-h257-3sze-qqbu
34
vulnerability VCID-hs9d-5q1m-97gk
35
vulnerability VCID-jvqj-5f2g-u7d7
36
vulnerability VCID-mzzq-s6gj-k3hw
37
vulnerability VCID-ndst-6nx1-1qcp
38
vulnerability VCID-nmgp-gqkw-xkd1
39
vulnerability VCID-nzk9-p4dt-wfg6
40
vulnerability VCID-p76p-4a8h-cffj
41
vulnerability VCID-p82j-3rgh-tqgf
42
vulnerability VCID-q9zx-mkrf-k3bh
43
vulnerability VCID-qvy8-nuu4-ufc5
44
vulnerability VCID-qxhg-65zp-ufe2
45
vulnerability VCID-s2q8-deht-k3af
46
vulnerability VCID-snd9-bt5h-6ycw
47
vulnerability VCID-spyc-te21-j3dk
48
vulnerability VCID-syex-x1gz-3yhj
49
vulnerability VCID-tusm-masj-pyag
50
vulnerability VCID-uvcz-5mb9-syeq
51
vulnerability VCID-v2g6-bhw9-z3am
52
vulnerability VCID-v9g2-msy2-gbhc
53
vulnerability VCID-wgrw-vedu-j7gv
54
vulnerability VCID-xbpw-d63u-vyc1
55
vulnerability VCID-y1fm-k61h-27hz
56
vulnerability VCID-yhxt-1rx2-cbc1
57
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2
2
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2017-14977
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bytg-r7hs-gyeg
28
url VCID-c2n4-uugz-wfac
vulnerability_id VCID-c2n4-uugz-wfac
summary arbitrary code execution
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9776.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9776.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9776
reference_id
reference_type
scores
0
value 0.01248
scoring_system epss
scoring_elements 0.79646
published_at 2026-06-04T12:55:00Z
1
value 0.01248
scoring_system epss
scoring_elements 0.79672
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9776
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1466443
reference_id 1466443
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1466443
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865679
reference_id 865679
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865679
18
reference_url https://security.archlinux.org/ASA-201706-33
reference_id ASA-201706-33
reference_type
scores
url https://security.archlinux.org/ASA-201706-33
19
reference_url https://security.archlinux.org/AVG-326
reference_id AVG-326
reference_type
scores
0
value High
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-326
20
reference_url https://access.redhat.com/errata/RHSA-2017:2550
reference_id RHSA-2017:2550
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2550
21
reference_url https://access.redhat.com/errata/RHSA-2017:2551
reference_id RHSA-2017:2551
reference_type
scores
url https://access.redhat.com/errata/RHSA-2017:2551
22
reference_url https://usn.ubuntu.com/3440-1/
reference_id USN-3440-1
reference_type
scores
url https://usn.ubuntu.com/3440-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-7ukn-38hy-dffs
19
vulnerability VCID-81rk-djd7-wkau
20
vulnerability VCID-9gtz-2mce-kuf6
21
vulnerability VCID-a3vs-h3s5-zbdw
22
vulnerability VCID-afbw-asht-7bbq
23
vulnerability VCID-aqh3-9esc-jqg7
24
vulnerability VCID-arjj-gn1s-yue1
25
vulnerability VCID-ax7h-qsmd-hyc9
26
vulnerability VCID-btq8-dzuk-4yfk
27
vulnerability VCID-bytg-r7hs-gyeg
28
vulnerability VCID-c2n4-uugz-wfac
29
vulnerability VCID-dwg9-w58z-ufh4
30
vulnerability VCID-e144-8aet-7kbn
31
vulnerability VCID-ezcv-cbva-kkbe
32
vulnerability VCID-fmqa-fers-5ydf
33
vulnerability VCID-fnfu-a29f-ryeg
34
vulnerability VCID-gg77-12mg-k7d2
35
vulnerability VCID-h257-3sze-qqbu
36
vulnerability VCID-hs9d-5q1m-97gk
37
vulnerability VCID-jvqj-5f2g-u7d7
38
vulnerability VCID-mzzq-s6gj-k3hw
39
vulnerability VCID-ndst-6nx1-1qcp
40
vulnerability VCID-nmgp-gqkw-xkd1
41
vulnerability VCID-nzk9-p4dt-wfg6
42
vulnerability VCID-p76p-4a8h-cffj
43
vulnerability VCID-p82j-3rgh-tqgf
44
vulnerability VCID-q9zx-mkrf-k3bh
45
vulnerability VCID-qvy8-nuu4-ufc5
46
vulnerability VCID-qxhg-65zp-ufe2
47
vulnerability VCID-re3v-ymkc-53bt
48
vulnerability VCID-s2q8-deht-k3af
49
vulnerability VCID-snd9-bt5h-6ycw
50
vulnerability VCID-spyc-te21-j3dk
51
vulnerability VCID-syex-x1gz-3yhj
52
vulnerability VCID-tusm-masj-pyag
53
vulnerability VCID-uvcz-5mb9-syeq
54
vulnerability VCID-v2g6-bhw9-z3am
55
vulnerability VCID-v9g2-msy2-gbhc
56
vulnerability VCID-wgrw-vedu-j7gv
57
vulnerability VCID-xbpw-d63u-vyc1
58
vulnerability VCID-xsp3-9g35-m7b5
59
vulnerability VCID-y1fm-k61h-27hz
60
vulnerability VCID-yhxt-1rx2-cbc1
61
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4
1
url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-81rk-djd7-wkau
19
vulnerability VCID-9gtz-2mce-kuf6
20
vulnerability VCID-a3vs-h3s5-zbdw
21
vulnerability VCID-afbw-asht-7bbq
22
vulnerability VCID-aqh3-9esc-jqg7
23
vulnerability VCID-arjj-gn1s-yue1
24
vulnerability VCID-ax7h-qsmd-hyc9
25
vulnerability VCID-btq8-dzuk-4yfk
26
vulnerability VCID-bytg-r7hs-gyeg
27
vulnerability VCID-c2n4-uugz-wfac
28
vulnerability VCID-dwg9-w58z-ufh4
29
vulnerability VCID-ezcv-cbva-kkbe
30
vulnerability VCID-fmqa-fers-5ydf
31
vulnerability VCID-fnfu-a29f-ryeg
32
vulnerability VCID-gg77-12mg-k7d2
33
vulnerability VCID-h257-3sze-qqbu
34
vulnerability VCID-hs9d-5q1m-97gk
35
vulnerability VCID-jvqj-5f2g-u7d7
36
vulnerability VCID-mzzq-s6gj-k3hw
37
vulnerability VCID-ndst-6nx1-1qcp
38
vulnerability VCID-nmgp-gqkw-xkd1
39
vulnerability VCID-nzk9-p4dt-wfg6
40
vulnerability VCID-p76p-4a8h-cffj
41
vulnerability VCID-p82j-3rgh-tqgf
42
vulnerability VCID-q9zx-mkrf-k3bh
43
vulnerability VCID-qvy8-nuu4-ufc5
44
vulnerability VCID-qxhg-65zp-ufe2
45
vulnerability VCID-s2q8-deht-k3af
46
vulnerability VCID-snd9-bt5h-6ycw
47
vulnerability VCID-spyc-te21-j3dk
48
vulnerability VCID-syex-x1gz-3yhj
49
vulnerability VCID-tusm-masj-pyag
50
vulnerability VCID-uvcz-5mb9-syeq
51
vulnerability VCID-v2g6-bhw9-z3am
52
vulnerability VCID-v9g2-msy2-gbhc
53
vulnerability VCID-wgrw-vedu-j7gv
54
vulnerability VCID-xbpw-d63u-vyc1
55
vulnerability VCID-y1fm-k61h-27hz
56
vulnerability VCID-yhxt-1rx2-cbc1
57
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2
2
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2017-9776
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c2n4-uugz-wfac
29
url VCID-dwg9-w58z-ufh4
vulnerability_id VCID-dwg9-w58z-ufh4
summary In Poppler 0.59.0, a NULL Pointer Dereference exists in the SplashOutputDev::type3D0() function in SplashOutputDev.cc via a crafted PDF document.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14927.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14927.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-14927
reference_id
reference_type
scores
0
value 0.00155
scoring_system epss
scoring_elements 0.35873
published_at 2026-06-04T12:55:00Z
1
value 0.00155
scoring_system epss
scoring_elements 0.35969
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-14927
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14927
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14927
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1500324
reference_id 1500324
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1500324
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877237
reference_id 877237
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877237
fixed_packages
0
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2017-14927
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dwg9-w58z-ufh4
30
url VCID-e144-8aet-7kbn
vulnerability_id VCID-e144-8aet-7kbn
summary A stack-based buffer over-read exists in PostScriptFunction::transform in Function.cc in Xpdf 4.01.01 because GfxSeparationColorSpace and GfxDeviceNColorSpace mishandle tint transform functions. It can, for example, be triggered by sending a crafted PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12493
reference_id
reference_type
scores
0
value 0.00284
scoring_system epss
scoring_elements 0.52032
published_at 2026-06-04T12:55:00Z
1
value 0.00284
scoring_system epss
scoring_elements 0.52093
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12493
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12493
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12493
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
fixed_packages
0
url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-81rk-djd7-wkau
19
vulnerability VCID-9gtz-2mce-kuf6
20
vulnerability VCID-a3vs-h3s5-zbdw
21
vulnerability VCID-afbw-asht-7bbq
22
vulnerability VCID-aqh3-9esc-jqg7
23
vulnerability VCID-arjj-gn1s-yue1
24
vulnerability VCID-ax7h-qsmd-hyc9
25
vulnerability VCID-btq8-dzuk-4yfk
26
vulnerability VCID-bytg-r7hs-gyeg
27
vulnerability VCID-c2n4-uugz-wfac
28
vulnerability VCID-dwg9-w58z-ufh4
29
vulnerability VCID-ezcv-cbva-kkbe
30
vulnerability VCID-fmqa-fers-5ydf
31
vulnerability VCID-fnfu-a29f-ryeg
32
vulnerability VCID-gg77-12mg-k7d2
33
vulnerability VCID-h257-3sze-qqbu
34
vulnerability VCID-hs9d-5q1m-97gk
35
vulnerability VCID-jvqj-5f2g-u7d7
36
vulnerability VCID-mzzq-s6gj-k3hw
37
vulnerability VCID-ndst-6nx1-1qcp
38
vulnerability VCID-nmgp-gqkw-xkd1
39
vulnerability VCID-nzk9-p4dt-wfg6
40
vulnerability VCID-p76p-4a8h-cffj
41
vulnerability VCID-p82j-3rgh-tqgf
42
vulnerability VCID-q9zx-mkrf-k3bh
43
vulnerability VCID-qvy8-nuu4-ufc5
44
vulnerability VCID-qxhg-65zp-ufe2
45
vulnerability VCID-s2q8-deht-k3af
46
vulnerability VCID-snd9-bt5h-6ycw
47
vulnerability VCID-spyc-te21-j3dk
48
vulnerability VCID-syex-x1gz-3yhj
49
vulnerability VCID-tusm-masj-pyag
50
vulnerability VCID-uvcz-5mb9-syeq
51
vulnerability VCID-v2g6-bhw9-z3am
52
vulnerability VCID-v9g2-msy2-gbhc
53
vulnerability VCID-wgrw-vedu-j7gv
54
vulnerability VCID-xbpw-d63u-vyc1
55
vulnerability VCID-y1fm-k61h-27hz
56
vulnerability VCID-yhxt-1rx2-cbc1
57
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2
aliases CVE-2019-12493
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e144-8aet-7kbn
31
url VCID-ezcv-cbva-kkbe
vulnerability_id VCID-ezcv-cbva-kkbe
summary A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by the 'pdftohtml' program, would crash the application causing a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27778.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-27778.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-27778
reference_id
reference_type
scores
0
value 0.01116
scoring_system epss
scoring_elements 0.78537
published_at 2026-06-04T12:55:00Z
1
value 0.01116
scoring_system epss
scoring_elements 0.78564
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-27778
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27778
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27778
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1900712
reference_id 1900712
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1900712
5
reference_url https://access.redhat.com/errata/RHSA-2021:1881
reference_id RHSA-2021:1881
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1881
6
reference_url https://usn.ubuntu.com/4646-1/
reference_id USN-4646-1
reference_type
scores
url https://usn.ubuntu.com/4646-1/
fixed_packages
0
url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25s4-qujz-8kcf
1
vulnerability VCID-2xrd-q3wc-kfhj
2
vulnerability VCID-4n4u-c4u9-kkep
3
vulnerability VCID-4y9q-jfwk-5bde
4
vulnerability VCID-61wf-ahyh-dkb7
5
vulnerability VCID-arhw-n285-r3dv
6
vulnerability VCID-e3pp-vnez-rude
7
vulnerability VCID-h257-3sze-qqbu
8
vulnerability VCID-ndst-6nx1-1qcp
9
vulnerability VCID-nzk9-p4dt-wfg6
10
vulnerability VCID-qvy8-nuu4-ufc5
11
vulnerability VCID-r2f4-bgaw-t7gu
12
vulnerability VCID-s2q8-deht-k3af
13
vulnerability VCID-sw3e-49nw-w7fv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1
aliases CVE-2020-27778
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ezcv-cbva-kkbe
32
url VCID-fmqa-fers-5ydf
vulnerability_id VCID-fmqa-fers-5ydf
summary Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitable when a victim opens a specially crafted PDF file.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13988.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-13988.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-13988
reference_id
reference_type
scores
0
value 0.00696
scoring_system epss
scoring_elements 0.72309
published_at 2026-06-04T12:55:00Z
1
value 0.00696
scoring_system epss
scoring_elements 0.72351
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-13988
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13988
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13988
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1602838
reference_id 1602838
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1602838
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904922
reference_id 904922
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=904922
6
reference_url https://access.redhat.com/errata/RHSA-2018:3140
reference_id RHSA-2018:3140
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3140
7
reference_url https://usn.ubuntu.com/3757-1/
reference_id USN-3757-1
reference_type
scores
url https://usn.ubuntu.com/3757-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2018-13988
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fmqa-fers-5ydf
33
url VCID-fnfu-a29f-ryeg
vulnerability_id VCID-fnfu-a29f-ryeg
summary An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19058.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19058.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-19058
reference_id
reference_type
scores
0
value 0.00276
scoring_system epss
scoring_elements 0.51255
published_at 2026-06-04T12:55:00Z
1
value 0.00276
scoring_system epss
scoring_elements 0.51317
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-19058
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19058
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19058
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1649435
reference_id 1649435
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1649435
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913177
reference_id 913177
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913177
6
reference_url https://access.redhat.com/errata/RHSA-2019:2022
reference_id RHSA-2019:2022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2022
7
reference_url https://usn.ubuntu.com/3837-1/
reference_id USN-3837-1
reference_type
scores
url https://usn.ubuntu.com/3837-1/
fixed_packages
0
url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25s4-qujz-8kcf
1
vulnerability VCID-2xrd-q3wc-kfhj
2
vulnerability VCID-4n4u-c4u9-kkep
3
vulnerability VCID-4y9q-jfwk-5bde
4
vulnerability VCID-61wf-ahyh-dkb7
5
vulnerability VCID-arhw-n285-r3dv
6
vulnerability VCID-e3pp-vnez-rude
7
vulnerability VCID-h257-3sze-qqbu
8
vulnerability VCID-ndst-6nx1-1qcp
9
vulnerability VCID-nzk9-p4dt-wfg6
10
vulnerability VCID-qvy8-nuu4-ufc5
11
vulnerability VCID-r2f4-bgaw-t7gu
12
vulnerability VCID-s2q8-deht-k3af
13
vulnerability VCID-sw3e-49nw-w7fv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1
aliases CVE-2018-19058
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fnfu-a29f-ryeg
34
url VCID-gg77-12mg-k7d2
vulnerability_id VCID-gg77-12mg-k7d2
summary Poppler before 0.70.0 has a NULL pointer dereference in _poppler_attachment_new when called from poppler_annot_file_attachment_get_attachment.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19149.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19149.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-19149
reference_id
reference_type
scores
0
value 0.00261
scoring_system epss
scoring_elements 0.49704
published_at 2026-06-04T12:55:00Z
1
value 0.00261
scoring_system epss
scoring_elements 0.49767
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-19149
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19149
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19149
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1649457
reference_id 1649457
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1649457
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914600
reference_id 914600
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914600
6
reference_url https://security.gentoo.org/glsa/201904-04
reference_id GLSA-201904-04
reference_type
scores
url https://security.gentoo.org/glsa/201904-04
7
reference_url https://access.redhat.com/errata/RHSA-2019:2022
reference_id RHSA-2019:2022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2022
8
reference_url https://usn.ubuntu.com/3837-1/
reference_id USN-3837-1
reference_type
scores
url https://usn.ubuntu.com/3837-1/
9
reference_url https://usn.ubuntu.com/3837-2/
reference_id USN-3837-2
reference_type
scores
url https://usn.ubuntu.com/3837-2/
fixed_packages
0
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2018-19149
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gg77-12mg-k7d2
35
url VCID-h257-3sze-qqbu
vulnerability_id VCID-h257-3sze-qqbu
summary poppler: NULL pointer dereference in `FoFiType1C::convertToType1`
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36024.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36024.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-36024
reference_id
reference_type
scores
0
value 0.00095
scoring_system epss
scoring_elements 0.26305
published_at 2026-06-04T12:55:00Z
1
value 0.00095
scoring_system epss
scoring_elements 0.26409
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-36024
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36024
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36024
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://gitlab.freedesktop.org/poppler/poppler/-/issues/1016
reference_id 1016
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T17:56:32Z/
url https://gitlab.freedesktop.org/poppler/poppler/-/issues/1016
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2231520
reference_id 2231520
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2231520
6
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html
reference_id msg00017.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T17:56:32Z/
url https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html
7
reference_url https://access.redhat.com/errata/RHSA-2024:2979
reference_id RHSA-2024:2979
reference_type
scores
url https://access.redhat.com/errata/RHSA-2024:2979
8
reference_url https://usn.ubuntu.com/6299-1/
reference_id USN-6299-1
reference_type
scores
url https://usn.ubuntu.com/6299-1/
fixed_packages
0
url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1
purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25s4-qujz-8kcf
1
vulnerability VCID-4n4u-c4u9-kkep
2
vulnerability VCID-4y9q-jfwk-5bde
3
vulnerability VCID-arhw-n285-r3dv
4
vulnerability VCID-e3pp-vnez-rude
5
vulnerability VCID-r2f4-bgaw-t7gu
6
vulnerability VCID-sw3e-49nw-w7fv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1
aliases CVE-2020-36024
risk_score 2.5
exploitability 0.5
weighted_severity 5.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h257-3sze-qqbu
36
url VCID-hs9d-5q1m-97gk
vulnerability_id VCID-hs9d-5q1m-97gk
summary Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows attackers to cause a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-18839.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-18839.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-18839
reference_id
reference_type
scores
0
value 0.00182
scoring_system epss
scoring_elements 0.39711
published_at 2026-06-04T12:55:00Z
1
value 0.00182
scoring_system epss
scoring_elements 0.39796
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-18839
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18839
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-18839
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2234524
reference_id 2234524
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2234524
5
reference_url https://gitlab.freedesktop.org/poppler/poppler/issues/742
reference_id 742
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-04T16:29:54Z/
url https://gitlab.freedesktop.org/poppler/poppler/issues/742
fixed_packages
0
url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25s4-qujz-8kcf
1
vulnerability VCID-2xrd-q3wc-kfhj
2
vulnerability VCID-4n4u-c4u9-kkep
3
vulnerability VCID-4y9q-jfwk-5bde
4
vulnerability VCID-61wf-ahyh-dkb7
5
vulnerability VCID-arhw-n285-r3dv
6
vulnerability VCID-e3pp-vnez-rude
7
vulnerability VCID-h257-3sze-qqbu
8
vulnerability VCID-ndst-6nx1-1qcp
9
vulnerability VCID-nzk9-p4dt-wfg6
10
vulnerability VCID-qvy8-nuu4-ufc5
11
vulnerability VCID-r2f4-bgaw-t7gu
12
vulnerability VCID-s2q8-deht-k3af
13
vulnerability VCID-sw3e-49nw-w7fv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1
aliases CVE-2020-18839
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hs9d-5q1m-97gk
37
url VCID-jvqj-5f2g-u7d7
vulnerability_id VCID-jvqj-5f2g-u7d7
summary The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9959.json
reference_id
reference_type
scores
0
value 6.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9959.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9959
reference_id
reference_type
scores
0
value 0.01451
scoring_system epss
scoring_elements 0.81133
published_at 2026-06-04T12:55:00Z
1
value 0.01451
scoring_system epss
scoring_elements 0.8116
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9959
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9959
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9959
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1732340
reference_id 1732340
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1732340
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941776
reference_id 941776
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=941776
6
reference_url https://access.redhat.com/errata/RHSA-2019:2713
reference_id RHSA-2019:2713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2713
7
reference_url https://access.redhat.com/errata/RHSA-2020:1074
reference_id RHSA-2020:1074
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1074
8
reference_url https://usn.ubuntu.com/4646-1/
reference_id USN-4646-1
reference_type
scores
url https://usn.ubuntu.com/4646-1/
fixed_packages
0
url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25s4-qujz-8kcf
1
vulnerability VCID-2xrd-q3wc-kfhj
2
vulnerability VCID-4n4u-c4u9-kkep
3
vulnerability VCID-4y9q-jfwk-5bde
4
vulnerability VCID-61wf-ahyh-dkb7
5
vulnerability VCID-arhw-n285-r3dv
6
vulnerability VCID-e3pp-vnez-rude
7
vulnerability VCID-h257-3sze-qqbu
8
vulnerability VCID-ndst-6nx1-1qcp
9
vulnerability VCID-nzk9-p4dt-wfg6
10
vulnerability VCID-qvy8-nuu4-ufc5
11
vulnerability VCID-r2f4-bgaw-t7gu
12
vulnerability VCID-s2q8-deht-k3af
13
vulnerability VCID-sw3e-49nw-w7fv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1
aliases CVE-2019-9959
risk_score 2.8
exploitability 0.5
weighted_severity 5.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jvqj-5f2g-u7d7
38
url VCID-mzzq-s6gj-k3hw
vulnerability_id VCID-mzzq-s6gj-k3hw
summary In Poppler 0.68.0, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16646.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-16646.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-16646
reference_id
reference_type
scores
0
value 0.02049
scoring_system epss
scoring_elements 0.84185
published_at 2026-06-04T12:55:00Z
1
value 0.02049
scoring_system epss
scoring_elements 0.84208
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-16646
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16646
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16646
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1626618
reference_id 1626618
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1626618
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909802
reference_id 909802
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909802
6
reference_url https://access.redhat.com/errata/RHSA-2019:2022
reference_id RHSA-2019:2022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2022
7
reference_url https://usn.ubuntu.com/3837-1/
reference_id USN-3837-1
reference_type
scores
url https://usn.ubuntu.com/3837-1/
8
reference_url https://usn.ubuntu.com/3837-2/
reference_id USN-3837-2
reference_type
scores
url https://usn.ubuntu.com/3837-2/
fixed_packages
0
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2018-16646
risk_score 1.9
exploitability 0.5
weighted_severity 3.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mzzq-s6gj-k3hw
39
url VCID-ndst-6nx1-1qcp
vulnerability_id VCID-ndst-6nx1-1qcp
summary poppler: Stack-Overflow in `FoFiType1C::cvtGlyph`
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36023.json
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-36023.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-36023
reference_id
reference_type
scores
0
value 0.00068
scoring_system epss
scoring_elements 0.21149
published_at 2026-06-04T12:55:00Z
1
value 0.00068
scoring_system epss
scoring_elements 0.21231
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-36023
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36023
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36023
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://gitlab.freedesktop.org/poppler/poppler/-/issues/1013
reference_id 1013
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T17:59:31Z/
url https://gitlab.freedesktop.org/poppler/poppler/-/issues/1013
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2231510
reference_id 2231510
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2231510
6
reference_url https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html
reference_id msg00017.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-09T17:59:31Z/
url https://lists.debian.org/debian-lts-announce/2023/08/msg00017.html
7
reference_url https://usn.ubuntu.com/6299-1/
reference_id USN-6299-1
reference_type
scores
url https://usn.ubuntu.com/6299-1/
fixed_packages
0
url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1
purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25s4-qujz-8kcf
1
vulnerability VCID-4n4u-c4u9-kkep
2
vulnerability VCID-4y9q-jfwk-5bde
3
vulnerability VCID-arhw-n285-r3dv
4
vulnerability VCID-e3pp-vnez-rude
5
vulnerability VCID-r2f4-bgaw-t7gu
6
vulnerability VCID-sw3e-49nw-w7fv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1
aliases CVE-2020-36023
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ndst-6nx1-1qcp
40
url VCID-nmgp-gqkw-xkd1
vulnerability_id VCID-nmgp-gqkw-xkd1
summary An issue was discovered in Xpdf 4.01.01. There is an FPE in the function PostScriptFunction::exec at Function.cc for the psOpIdiv case.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10018
reference_id
reference_type
scores
0
value 0.00242
scoring_system epss
scoring_elements 0.47667
published_at 2026-06-04T12:55:00Z
1
value 0.00242
scoring_system epss
scoring_elements 0.47731
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10018
1
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10018
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10018
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926133
reference_id 926133
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926133
4
reference_url https://usn.ubuntu.com/4042-1/
reference_id USN-4042-1
reference_type
scores
url https://usn.ubuntu.com/4042-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2019-10018
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nmgp-gqkw-xkd1
41
url VCID-nzk9-p4dt-wfg6
vulnerability_id VCID-nzk9-p4dt-wfg6
summary An issue was discovered in Poppler 22.07.0. There is a reachable abort which leads to denial of service because the main function in pdfunite.cc lacks a stream check before saving an embedded file.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37051.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37051.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-37051
reference_id
reference_type
scores
0
value 0.00044
scoring_system epss
scoring_elements 0.13906
published_at 2026-06-04T12:55:00Z
1
value 0.00044
scoring_system epss
scoring_elements 0.13983
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-37051
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37051
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37051
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2234528
reference_id 2234528
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2234528
5
reference_url https://usn.ubuntu.com/6508-1/
reference_id USN-6508-1
reference_type
scores
url https://usn.ubuntu.com/6508-1/
fixed_packages
0
url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1
purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25s4-qujz-8kcf
1
vulnerability VCID-4n4u-c4u9-kkep
2
vulnerability VCID-4y9q-jfwk-5bde
3
vulnerability VCID-arhw-n285-r3dv
4
vulnerability VCID-e3pp-vnez-rude
5
vulnerability VCID-r2f4-bgaw-t7gu
6
vulnerability VCID-sw3e-49nw-w7fv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1
aliases CVE-2022-37051
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nzk9-p4dt-wfg6
42
url VCID-p76p-4a8h-cffj
vulnerability_id VCID-p76p-4a8h-cffj
summary In Poppler 0.59.0, memory corruption occurs in a call to Object::dictLookup() in Object.h after a repeating series of Gfx::display, Gfx::go, Gfx::execOp, Gfx::opFill, Gfx::doPatternFill, Gfx::doTilingPatternFill and Gfx::drawForm calls (aka a Gfx.cc infinite loop), a different vulnerability than CVE-2017-14519.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14929.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14929.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-14929
reference_id
reference_type
scores
0
value 0.00192
scoring_system epss
scoring_elements 0.40926
published_at 2026-06-04T12:55:00Z
1
value 0.00192
scoring_system epss
scoring_elements 0.41002
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-14929
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14929
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14929
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1499167
reference_id 1499167
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1499167
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877222
reference_id 877222
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877222
5
reference_url https://usn.ubuntu.com/3440-1/
reference_id USN-3440-1
reference_type
scores
url https://usn.ubuntu.com/3440-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2017-14929
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p76p-4a8h-cffj
43
url VCID-p82j-3rgh-tqgf
vulnerability_id VCID-p82j-3rgh-tqgf
summary In Poppler 0.59.0, a floating point exception exists in the isImageInterpolationRequired() function in Splash.cc via a crafted PDF document.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14518.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14518.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-14518
reference_id
reference_type
scores
0
value 0.00272
scoring_system epss
scoring_elements 0.50797
published_at 2026-06-04T12:55:00Z
1
value 0.00272
scoring_system epss
scoring_elements 0.50857
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-14518
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:N/I:N/A:P
1
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1499163
reference_id 1499163
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1499163
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876082
reference_id 876082
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876082
18
reference_url https://usn.ubuntu.com/3440-1/
reference_id USN-3440-1
reference_type
scores
url https://usn.ubuntu.com/3440-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-7ukn-38hy-dffs
19
vulnerability VCID-81rk-djd7-wkau
20
vulnerability VCID-9gtz-2mce-kuf6
21
vulnerability VCID-a3vs-h3s5-zbdw
22
vulnerability VCID-afbw-asht-7bbq
23
vulnerability VCID-aqh3-9esc-jqg7
24
vulnerability VCID-arjj-gn1s-yue1
25
vulnerability VCID-ax7h-qsmd-hyc9
26
vulnerability VCID-btq8-dzuk-4yfk
27
vulnerability VCID-bytg-r7hs-gyeg
28
vulnerability VCID-c2n4-uugz-wfac
29
vulnerability VCID-dwg9-w58z-ufh4
30
vulnerability VCID-e144-8aet-7kbn
31
vulnerability VCID-ezcv-cbva-kkbe
32
vulnerability VCID-fmqa-fers-5ydf
33
vulnerability VCID-fnfu-a29f-ryeg
34
vulnerability VCID-gg77-12mg-k7d2
35
vulnerability VCID-h257-3sze-qqbu
36
vulnerability VCID-hs9d-5q1m-97gk
37
vulnerability VCID-jvqj-5f2g-u7d7
38
vulnerability VCID-mzzq-s6gj-k3hw
39
vulnerability VCID-ndst-6nx1-1qcp
40
vulnerability VCID-nmgp-gqkw-xkd1
41
vulnerability VCID-nzk9-p4dt-wfg6
42
vulnerability VCID-p76p-4a8h-cffj
43
vulnerability VCID-p82j-3rgh-tqgf
44
vulnerability VCID-q9zx-mkrf-k3bh
45
vulnerability VCID-qvy8-nuu4-ufc5
46
vulnerability VCID-qxhg-65zp-ufe2
47
vulnerability VCID-re3v-ymkc-53bt
48
vulnerability VCID-s2q8-deht-k3af
49
vulnerability VCID-snd9-bt5h-6ycw
50
vulnerability VCID-spyc-te21-j3dk
51
vulnerability VCID-syex-x1gz-3yhj
52
vulnerability VCID-tusm-masj-pyag
53
vulnerability VCID-uvcz-5mb9-syeq
54
vulnerability VCID-v2g6-bhw9-z3am
55
vulnerability VCID-v9g2-msy2-gbhc
56
vulnerability VCID-wgrw-vedu-j7gv
57
vulnerability VCID-xbpw-d63u-vyc1
58
vulnerability VCID-xsp3-9g35-m7b5
59
vulnerability VCID-y1fm-k61h-27hz
60
vulnerability VCID-yhxt-1rx2-cbc1
61
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4
1
url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-81rk-djd7-wkau
19
vulnerability VCID-9gtz-2mce-kuf6
20
vulnerability VCID-a3vs-h3s5-zbdw
21
vulnerability VCID-afbw-asht-7bbq
22
vulnerability VCID-aqh3-9esc-jqg7
23
vulnerability VCID-arjj-gn1s-yue1
24
vulnerability VCID-ax7h-qsmd-hyc9
25
vulnerability VCID-btq8-dzuk-4yfk
26
vulnerability VCID-bytg-r7hs-gyeg
27
vulnerability VCID-c2n4-uugz-wfac
28
vulnerability VCID-dwg9-w58z-ufh4
29
vulnerability VCID-ezcv-cbva-kkbe
30
vulnerability VCID-fmqa-fers-5ydf
31
vulnerability VCID-fnfu-a29f-ryeg
32
vulnerability VCID-gg77-12mg-k7d2
33
vulnerability VCID-h257-3sze-qqbu
34
vulnerability VCID-hs9d-5q1m-97gk
35
vulnerability VCID-jvqj-5f2g-u7d7
36
vulnerability VCID-mzzq-s6gj-k3hw
37
vulnerability VCID-ndst-6nx1-1qcp
38
vulnerability VCID-nmgp-gqkw-xkd1
39
vulnerability VCID-nzk9-p4dt-wfg6
40
vulnerability VCID-p76p-4a8h-cffj
41
vulnerability VCID-p82j-3rgh-tqgf
42
vulnerability VCID-q9zx-mkrf-k3bh
43
vulnerability VCID-qvy8-nuu4-ufc5
44
vulnerability VCID-qxhg-65zp-ufe2
45
vulnerability VCID-s2q8-deht-k3af
46
vulnerability VCID-snd9-bt5h-6ycw
47
vulnerability VCID-spyc-te21-j3dk
48
vulnerability VCID-syex-x1gz-3yhj
49
vulnerability VCID-tusm-masj-pyag
50
vulnerability VCID-uvcz-5mb9-syeq
51
vulnerability VCID-v2g6-bhw9-z3am
52
vulnerability VCID-v9g2-msy2-gbhc
53
vulnerability VCID-wgrw-vedu-j7gv
54
vulnerability VCID-xbpw-d63u-vyc1
55
vulnerability VCID-y1fm-k61h-27hz
56
vulnerability VCID-yhxt-1rx2-cbc1
57
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2
2
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2017-14518
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p82j-3rgh-tqgf
44
url VCID-q9zx-mkrf-k3bh
vulnerability_id VCID-q9zx-mkrf-k3bh
summary The function GfxImageColorMap::getGray in GfxState.cc in Poppler 0.54.0 allows remote attackers to cause a denial of service (stack-based buffer over-read and application crash) via a crafted PDF document, related to missing color-map validation in ImageOutputDev.cc.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9865.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9865.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9865
reference_id
reference_type
scores
0
value 0.0076
scoring_system epss
scoring_elements 0.73707
published_at 2026-06-04T12:55:00Z
1
value 0.0076
scoring_system epss
scoring_elements 0.73744
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9865
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
1
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1466435
reference_id 1466435
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1466435
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867477
reference_id 867477
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867477
18
reference_url https://security.gentoo.org/glsa/201801-17
reference_id GLSA-201801-17
reference_type
scores
url https://security.gentoo.org/glsa/201801-17
19
reference_url https://usn.ubuntu.com/4042-1/
reference_id USN-4042-1
reference_type
scores
url https://usn.ubuntu.com/4042-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-7ukn-38hy-dffs
19
vulnerability VCID-81rk-djd7-wkau
20
vulnerability VCID-9gtz-2mce-kuf6
21
vulnerability VCID-a3vs-h3s5-zbdw
22
vulnerability VCID-afbw-asht-7bbq
23
vulnerability VCID-aqh3-9esc-jqg7
24
vulnerability VCID-arjj-gn1s-yue1
25
vulnerability VCID-ax7h-qsmd-hyc9
26
vulnerability VCID-btq8-dzuk-4yfk
27
vulnerability VCID-bytg-r7hs-gyeg
28
vulnerability VCID-c2n4-uugz-wfac
29
vulnerability VCID-dwg9-w58z-ufh4
30
vulnerability VCID-e144-8aet-7kbn
31
vulnerability VCID-ezcv-cbva-kkbe
32
vulnerability VCID-fmqa-fers-5ydf
33
vulnerability VCID-fnfu-a29f-ryeg
34
vulnerability VCID-gg77-12mg-k7d2
35
vulnerability VCID-h257-3sze-qqbu
36
vulnerability VCID-hs9d-5q1m-97gk
37
vulnerability VCID-jvqj-5f2g-u7d7
38
vulnerability VCID-mzzq-s6gj-k3hw
39
vulnerability VCID-ndst-6nx1-1qcp
40
vulnerability VCID-nmgp-gqkw-xkd1
41
vulnerability VCID-nzk9-p4dt-wfg6
42
vulnerability VCID-p76p-4a8h-cffj
43
vulnerability VCID-p82j-3rgh-tqgf
44
vulnerability VCID-q9zx-mkrf-k3bh
45
vulnerability VCID-qvy8-nuu4-ufc5
46
vulnerability VCID-qxhg-65zp-ufe2
47
vulnerability VCID-re3v-ymkc-53bt
48
vulnerability VCID-s2q8-deht-k3af
49
vulnerability VCID-snd9-bt5h-6ycw
50
vulnerability VCID-spyc-te21-j3dk
51
vulnerability VCID-syex-x1gz-3yhj
52
vulnerability VCID-tusm-masj-pyag
53
vulnerability VCID-uvcz-5mb9-syeq
54
vulnerability VCID-v2g6-bhw9-z3am
55
vulnerability VCID-v9g2-msy2-gbhc
56
vulnerability VCID-wgrw-vedu-j7gv
57
vulnerability VCID-xbpw-d63u-vyc1
58
vulnerability VCID-xsp3-9g35-m7b5
59
vulnerability VCID-y1fm-k61h-27hz
60
vulnerability VCID-yhxt-1rx2-cbc1
61
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4
1
url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-81rk-djd7-wkau
19
vulnerability VCID-9gtz-2mce-kuf6
20
vulnerability VCID-a3vs-h3s5-zbdw
21
vulnerability VCID-afbw-asht-7bbq
22
vulnerability VCID-aqh3-9esc-jqg7
23
vulnerability VCID-arjj-gn1s-yue1
24
vulnerability VCID-ax7h-qsmd-hyc9
25
vulnerability VCID-btq8-dzuk-4yfk
26
vulnerability VCID-bytg-r7hs-gyeg
27
vulnerability VCID-c2n4-uugz-wfac
28
vulnerability VCID-dwg9-w58z-ufh4
29
vulnerability VCID-ezcv-cbva-kkbe
30
vulnerability VCID-fmqa-fers-5ydf
31
vulnerability VCID-fnfu-a29f-ryeg
32
vulnerability VCID-gg77-12mg-k7d2
33
vulnerability VCID-h257-3sze-qqbu
34
vulnerability VCID-hs9d-5q1m-97gk
35
vulnerability VCID-jvqj-5f2g-u7d7
36
vulnerability VCID-mzzq-s6gj-k3hw
37
vulnerability VCID-ndst-6nx1-1qcp
38
vulnerability VCID-nmgp-gqkw-xkd1
39
vulnerability VCID-nzk9-p4dt-wfg6
40
vulnerability VCID-p76p-4a8h-cffj
41
vulnerability VCID-p82j-3rgh-tqgf
42
vulnerability VCID-q9zx-mkrf-k3bh
43
vulnerability VCID-qvy8-nuu4-ufc5
44
vulnerability VCID-qxhg-65zp-ufe2
45
vulnerability VCID-s2q8-deht-k3af
46
vulnerability VCID-snd9-bt5h-6ycw
47
vulnerability VCID-spyc-te21-j3dk
48
vulnerability VCID-syex-x1gz-3yhj
49
vulnerability VCID-tusm-masj-pyag
50
vulnerability VCID-uvcz-5mb9-syeq
51
vulnerability VCID-v2g6-bhw9-z3am
52
vulnerability VCID-v9g2-msy2-gbhc
53
vulnerability VCID-wgrw-vedu-j7gv
54
vulnerability VCID-xbpw-d63u-vyc1
55
vulnerability VCID-y1fm-k61h-27hz
56
vulnerability VCID-yhxt-1rx2-cbc1
57
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2
2
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2017-9865
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q9zx-mkrf-k3bh
45
url VCID-qvy8-nuu4-ufc5
vulnerability_id VCID-qvy8-nuu4-ufc5
summary In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of CVE-2018-20662.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37050.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37050.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-37050
reference_id
reference_type
scores
0
value 0.00064
scoring_system epss
scoring_elements 0.20006
published_at 2026-06-04T12:55:00Z
1
value 0.00064
scoring_system epss
scoring_elements 0.2008
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-37050
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37050
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37050
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://gitlab.freedesktop.org/poppler/poppler/-/issues/1274
reference_id 1274
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T14:19:32Z/
url https://gitlab.freedesktop.org/poppler/poppler/-/issues/1274
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2234527
reference_id 2234527
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2234527
6
reference_url https://gitlab.freedesktop.org/poppler/poppler/-/commit/dcd5bd8238ea448addd102ff045badd0aca1b990
reference_id dcd5bd8238ea448addd102ff045badd0aca1b990
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T14:19:32Z/
url https://gitlab.freedesktop.org/poppler/poppler/-/commit/dcd5bd8238ea448addd102ff045badd0aca1b990
7
reference_url https://lists.debian.org/debian-lts-announce/2023/10/msg00022.html
reference_id msg00022.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-07-02T14:19:32Z/
url https://lists.debian.org/debian-lts-announce/2023/10/msg00022.html
8
reference_url https://usn.ubuntu.com/6508-1/
reference_id USN-6508-1
reference_type
scores
url https://usn.ubuntu.com/6508-1/
fixed_packages
0
url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1
purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25s4-qujz-8kcf
1
vulnerability VCID-4n4u-c4u9-kkep
2
vulnerability VCID-4y9q-jfwk-5bde
3
vulnerability VCID-arhw-n285-r3dv
4
vulnerability VCID-e3pp-vnez-rude
5
vulnerability VCID-r2f4-bgaw-t7gu
6
vulnerability VCID-sw3e-49nw-w7fv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1
aliases CVE-2022-37050
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qvy8-nuu4-ufc5
46
url VCID-qxhg-65zp-ufe2
vulnerability_id VCID-qxhg-65zp-ufe2
summary Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-23804.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-23804.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-23804
reference_id
reference_type
scores
0
value 0.00301
scoring_system epss
scoring_elements 0.5375
published_at 2026-06-04T12:55:00Z
1
value 0.00301
scoring_system epss
scoring_elements 0.53807
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-23804
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23804
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23804
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2234526
reference_id 2234526
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2234526
5
reference_url https://usn.ubuntu.com/6508-1/
reference_id USN-6508-1
reference_type
scores
url https://usn.ubuntu.com/6508-1/
fixed_packages
0
url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25s4-qujz-8kcf
1
vulnerability VCID-2xrd-q3wc-kfhj
2
vulnerability VCID-4n4u-c4u9-kkep
3
vulnerability VCID-4y9q-jfwk-5bde
4
vulnerability VCID-61wf-ahyh-dkb7
5
vulnerability VCID-arhw-n285-r3dv
6
vulnerability VCID-e3pp-vnez-rude
7
vulnerability VCID-h257-3sze-qqbu
8
vulnerability VCID-ndst-6nx1-1qcp
9
vulnerability VCID-nzk9-p4dt-wfg6
10
vulnerability VCID-qvy8-nuu4-ufc5
11
vulnerability VCID-r2f4-bgaw-t7gu
12
vulnerability VCID-s2q8-deht-k3af
13
vulnerability VCID-sw3e-49nw-w7fv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1
aliases CVE-2020-23804
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qxhg-65zp-ufe2
47
url VCID-re3v-ymkc-53bt
vulnerability_id VCID-re3v-ymkc-53bt
summary Heap-based buffer overflow in the ExponentialFunction::ExponentialFunction function in Poppler before 0.40.0 allows remote attackers to cause a denial of service (memory corruption and crash) or possibly execute arbitrary code via an invalid blend mode in the ExtGState dictionary in a crafted PDF document.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8868.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8868.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-8868
reference_id
reference_type
scores
0
value 0.01087
scoring_system epss
scoring_elements 0.78249
published_at 2026-06-04T12:55:00Z
1
value 0.01087
scoring_system epss
scoring_elements 0.78274
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-8868
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8868
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8868
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:N/I:N/A:P
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1326225
reference_id 1326225
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1326225
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822578
reference_id 822578
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=822578
6
reference_url https://security.gentoo.org/glsa/201611-15
reference_id GLSA-201611-15
reference_type
scores
url https://security.gentoo.org/glsa/201611-15
7
reference_url https://access.redhat.com/errata/RHSA-2016:2580
reference_id RHSA-2016:2580
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:2580
8
reference_url https://usn.ubuntu.com/2958-1/
reference_id USN-2958-1
reference_type
scores
url https://usn.ubuntu.com/2958-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-7ukn-38hy-dffs
19
vulnerability VCID-81rk-djd7-wkau
20
vulnerability VCID-9gtz-2mce-kuf6
21
vulnerability VCID-a3vs-h3s5-zbdw
22
vulnerability VCID-afbw-asht-7bbq
23
vulnerability VCID-aqh3-9esc-jqg7
24
vulnerability VCID-arjj-gn1s-yue1
25
vulnerability VCID-ax7h-qsmd-hyc9
26
vulnerability VCID-btq8-dzuk-4yfk
27
vulnerability VCID-bytg-r7hs-gyeg
28
vulnerability VCID-c2n4-uugz-wfac
29
vulnerability VCID-dwg9-w58z-ufh4
30
vulnerability VCID-e144-8aet-7kbn
31
vulnerability VCID-ezcv-cbva-kkbe
32
vulnerability VCID-fmqa-fers-5ydf
33
vulnerability VCID-fnfu-a29f-ryeg
34
vulnerability VCID-gg77-12mg-k7d2
35
vulnerability VCID-h257-3sze-qqbu
36
vulnerability VCID-hs9d-5q1m-97gk
37
vulnerability VCID-jvqj-5f2g-u7d7
38
vulnerability VCID-mzzq-s6gj-k3hw
39
vulnerability VCID-ndst-6nx1-1qcp
40
vulnerability VCID-nmgp-gqkw-xkd1
41
vulnerability VCID-nzk9-p4dt-wfg6
42
vulnerability VCID-p76p-4a8h-cffj
43
vulnerability VCID-p82j-3rgh-tqgf
44
vulnerability VCID-q9zx-mkrf-k3bh
45
vulnerability VCID-qvy8-nuu4-ufc5
46
vulnerability VCID-qxhg-65zp-ufe2
47
vulnerability VCID-re3v-ymkc-53bt
48
vulnerability VCID-s2q8-deht-k3af
49
vulnerability VCID-snd9-bt5h-6ycw
50
vulnerability VCID-spyc-te21-j3dk
51
vulnerability VCID-syex-x1gz-3yhj
52
vulnerability VCID-tusm-masj-pyag
53
vulnerability VCID-uvcz-5mb9-syeq
54
vulnerability VCID-v2g6-bhw9-z3am
55
vulnerability VCID-v9g2-msy2-gbhc
56
vulnerability VCID-wgrw-vedu-j7gv
57
vulnerability VCID-xbpw-d63u-vyc1
58
vulnerability VCID-xsp3-9g35-m7b5
59
vulnerability VCID-y1fm-k61h-27hz
60
vulnerability VCID-yhxt-1rx2-cbc1
61
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4
1
url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-81rk-djd7-wkau
19
vulnerability VCID-9gtz-2mce-kuf6
20
vulnerability VCID-a3vs-h3s5-zbdw
21
vulnerability VCID-afbw-asht-7bbq
22
vulnerability VCID-aqh3-9esc-jqg7
23
vulnerability VCID-arjj-gn1s-yue1
24
vulnerability VCID-ax7h-qsmd-hyc9
25
vulnerability VCID-btq8-dzuk-4yfk
26
vulnerability VCID-bytg-r7hs-gyeg
27
vulnerability VCID-c2n4-uugz-wfac
28
vulnerability VCID-dwg9-w58z-ufh4
29
vulnerability VCID-ezcv-cbva-kkbe
30
vulnerability VCID-fmqa-fers-5ydf
31
vulnerability VCID-fnfu-a29f-ryeg
32
vulnerability VCID-gg77-12mg-k7d2
33
vulnerability VCID-h257-3sze-qqbu
34
vulnerability VCID-hs9d-5q1m-97gk
35
vulnerability VCID-jvqj-5f2g-u7d7
36
vulnerability VCID-mzzq-s6gj-k3hw
37
vulnerability VCID-ndst-6nx1-1qcp
38
vulnerability VCID-nmgp-gqkw-xkd1
39
vulnerability VCID-nzk9-p4dt-wfg6
40
vulnerability VCID-p76p-4a8h-cffj
41
vulnerability VCID-p82j-3rgh-tqgf
42
vulnerability VCID-q9zx-mkrf-k3bh
43
vulnerability VCID-qvy8-nuu4-ufc5
44
vulnerability VCID-qxhg-65zp-ufe2
45
vulnerability VCID-s2q8-deht-k3af
46
vulnerability VCID-snd9-bt5h-6ycw
47
vulnerability VCID-spyc-te21-j3dk
48
vulnerability VCID-syex-x1gz-3yhj
49
vulnerability VCID-tusm-masj-pyag
50
vulnerability VCID-uvcz-5mb9-syeq
51
vulnerability VCID-v2g6-bhw9-z3am
52
vulnerability VCID-v9g2-msy2-gbhc
53
vulnerability VCID-wgrw-vedu-j7gv
54
vulnerability VCID-xbpw-d63u-vyc1
55
vulnerability VCID-y1fm-k61h-27hz
56
vulnerability VCID-yhxt-1rx2-cbc1
57
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2
aliases CVE-2015-8868
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-re3v-ymkc-53bt
48
url VCID-s2q8-deht-k3af
vulnerability_id VCID-s2q8-deht-k3af
summary A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37052.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-37052.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-37052
reference_id
reference_type
scores
0
value 0.00027
scoring_system epss
scoring_elements 0.08003
published_at 2026-06-04T12:55:00Z
1
value 0.00027
scoring_system epss
scoring_elements 0.08036
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-37052
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37052
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-37052
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://gitlab.freedesktop.org/poppler/poppler/-/issues/1278
reference_id 1278
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:06:03Z/
url https://gitlab.freedesktop.org/poppler/poppler/-/issues/1278
5
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2234530
reference_id 2234530
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2234530
6
reference_url https://gitlab.freedesktop.org/poppler/poppler/-/commit/8677500399fc2548fa816b619580c2c07915a98c
reference_id 8677500399fc2548fa816b619580c2c07915a98c
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:06:03Z/
url https://gitlab.freedesktop.org/poppler/poppler/-/commit/8677500399fc2548fa816b619580c2c07915a98c
7
reference_url https://usn.ubuntu.com/6508-1/
reference_id USN-6508-1
reference_type
scores
url https://usn.ubuntu.com/6508-1/
fixed_packages
0
url pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1
purl pkg:deb/debian/poppler@22.12.0-2%2Bdeb12u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25s4-qujz-8kcf
1
vulnerability VCID-4n4u-c4u9-kkep
2
vulnerability VCID-4y9q-jfwk-5bde
3
vulnerability VCID-arhw-n285-r3dv
4
vulnerability VCID-e3pp-vnez-rude
5
vulnerability VCID-r2f4-bgaw-t7gu
6
vulnerability VCID-sw3e-49nw-w7fv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@22.12.0-2%252Bdeb12u1
aliases CVE-2022-37052
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s2q8-deht-k3af
49
url VCID-snd9-bt5h-6ycw
vulnerability_id VCID-snd9-bt5h-6ycw
summary In Poppler 0.59.0, a NULL Pointer Dereference exists in the GfxImageColorMap::getGrayLine() function in GfxState.cc via a crafted PDF document.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15565.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-15565.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-15565
reference_id
reference_type
scores
0
value 0.00617
scoring_system epss
scoring_elements 0.70331
published_at 2026-06-04T12:55:00Z
1
value 0.00617
scoring_system epss
scoring_elements 0.70373
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-15565
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1510977
reference_id 1510977
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1510977
16
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879066
reference_id 879066
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=879066
17
reference_url https://usn.ubuntu.com/3467-1/
reference_id USN-3467-1
reference_type
scores
url https://usn.ubuntu.com/3467-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-7ukn-38hy-dffs
19
vulnerability VCID-81rk-djd7-wkau
20
vulnerability VCID-9gtz-2mce-kuf6
21
vulnerability VCID-a3vs-h3s5-zbdw
22
vulnerability VCID-afbw-asht-7bbq
23
vulnerability VCID-aqh3-9esc-jqg7
24
vulnerability VCID-arjj-gn1s-yue1
25
vulnerability VCID-ax7h-qsmd-hyc9
26
vulnerability VCID-btq8-dzuk-4yfk
27
vulnerability VCID-bytg-r7hs-gyeg
28
vulnerability VCID-c2n4-uugz-wfac
29
vulnerability VCID-dwg9-w58z-ufh4
30
vulnerability VCID-e144-8aet-7kbn
31
vulnerability VCID-ezcv-cbva-kkbe
32
vulnerability VCID-fmqa-fers-5ydf
33
vulnerability VCID-fnfu-a29f-ryeg
34
vulnerability VCID-gg77-12mg-k7d2
35
vulnerability VCID-h257-3sze-qqbu
36
vulnerability VCID-hs9d-5q1m-97gk
37
vulnerability VCID-jvqj-5f2g-u7d7
38
vulnerability VCID-mzzq-s6gj-k3hw
39
vulnerability VCID-ndst-6nx1-1qcp
40
vulnerability VCID-nmgp-gqkw-xkd1
41
vulnerability VCID-nzk9-p4dt-wfg6
42
vulnerability VCID-p76p-4a8h-cffj
43
vulnerability VCID-p82j-3rgh-tqgf
44
vulnerability VCID-q9zx-mkrf-k3bh
45
vulnerability VCID-qvy8-nuu4-ufc5
46
vulnerability VCID-qxhg-65zp-ufe2
47
vulnerability VCID-re3v-ymkc-53bt
48
vulnerability VCID-s2q8-deht-k3af
49
vulnerability VCID-snd9-bt5h-6ycw
50
vulnerability VCID-spyc-te21-j3dk
51
vulnerability VCID-syex-x1gz-3yhj
52
vulnerability VCID-tusm-masj-pyag
53
vulnerability VCID-uvcz-5mb9-syeq
54
vulnerability VCID-v2g6-bhw9-z3am
55
vulnerability VCID-v9g2-msy2-gbhc
56
vulnerability VCID-wgrw-vedu-j7gv
57
vulnerability VCID-xbpw-d63u-vyc1
58
vulnerability VCID-xsp3-9g35-m7b5
59
vulnerability VCID-y1fm-k61h-27hz
60
vulnerability VCID-yhxt-1rx2-cbc1
61
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4
1
url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-81rk-djd7-wkau
19
vulnerability VCID-9gtz-2mce-kuf6
20
vulnerability VCID-a3vs-h3s5-zbdw
21
vulnerability VCID-afbw-asht-7bbq
22
vulnerability VCID-aqh3-9esc-jqg7
23
vulnerability VCID-arjj-gn1s-yue1
24
vulnerability VCID-ax7h-qsmd-hyc9
25
vulnerability VCID-btq8-dzuk-4yfk
26
vulnerability VCID-bytg-r7hs-gyeg
27
vulnerability VCID-c2n4-uugz-wfac
28
vulnerability VCID-dwg9-w58z-ufh4
29
vulnerability VCID-ezcv-cbva-kkbe
30
vulnerability VCID-fmqa-fers-5ydf
31
vulnerability VCID-fnfu-a29f-ryeg
32
vulnerability VCID-gg77-12mg-k7d2
33
vulnerability VCID-h257-3sze-qqbu
34
vulnerability VCID-hs9d-5q1m-97gk
35
vulnerability VCID-jvqj-5f2g-u7d7
36
vulnerability VCID-mzzq-s6gj-k3hw
37
vulnerability VCID-ndst-6nx1-1qcp
38
vulnerability VCID-nmgp-gqkw-xkd1
39
vulnerability VCID-nzk9-p4dt-wfg6
40
vulnerability VCID-p76p-4a8h-cffj
41
vulnerability VCID-p82j-3rgh-tqgf
42
vulnerability VCID-q9zx-mkrf-k3bh
43
vulnerability VCID-qvy8-nuu4-ufc5
44
vulnerability VCID-qxhg-65zp-ufe2
45
vulnerability VCID-s2q8-deht-k3af
46
vulnerability VCID-snd9-bt5h-6ycw
47
vulnerability VCID-spyc-te21-j3dk
48
vulnerability VCID-syex-x1gz-3yhj
49
vulnerability VCID-tusm-masj-pyag
50
vulnerability VCID-uvcz-5mb9-syeq
51
vulnerability VCID-v2g6-bhw9-z3am
52
vulnerability VCID-v9g2-msy2-gbhc
53
vulnerability VCID-wgrw-vedu-j7gv
54
vulnerability VCID-xbpw-d63u-vyc1
55
vulnerability VCID-y1fm-k61h-27hz
56
vulnerability VCID-yhxt-1rx2-cbc1
57
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2
2
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2017-15565
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-snd9-bt5h-6ycw
50
url VCID-spyc-te21-j3dk
vulnerability_id VCID-spyc-te21-j3dk
summary XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PDF document, when XRefEntry::setFlag in XRef.h is called from Parser::makeStream in Parser.cc.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20481.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-20481.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-20481
reference_id
reference_type
scores
0
value 0.0119
scoring_system epss
scoring_elements 0.79166
published_at 2026-06-04T12:55:00Z
1
value 0.0119
scoring_system epss
scoring_elements 0.79193
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-20481
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20481
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20481
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1665266
reference_id 1665266
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1665266
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917325
reference_id 917325
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=917325
6
reference_url https://access.redhat.com/errata/RHSA-2019:2022
reference_id RHSA-2019:2022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2022
7
reference_url https://access.redhat.com/errata/RHSA-2019:2713
reference_id RHSA-2019:2713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2713
8
reference_url https://usn.ubuntu.com/3865-1/
reference_id USN-3865-1
reference_type
scores
url https://usn.ubuntu.com/3865-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2018-20481
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-spyc-te21-j3dk
51
url VCID-syex-x1gz-3yhj
vulnerability_id VCID-syex-x1gz-3yhj
summary An issue was discovered in Poppler 0.71.0. There is a NULL pointer dereference in goo/GooString.h, will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating a filename of an embedded file before constructing a save path.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19060.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19060.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-19060
reference_id
reference_type
scores
0
value 0.00147
scoring_system epss
scoring_elements 0.34888
published_at 2026-06-04T12:55:00Z
1
value 0.00147
scoring_system epss
scoring_elements 0.34984
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-19060
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19060
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19060
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1649450
reference_id 1649450
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1649450
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913182
reference_id 913182
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913182
6
reference_url https://access.redhat.com/errata/RHSA-2019:2022
reference_id RHSA-2019:2022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2022
7
reference_url https://usn.ubuntu.com/3837-1/
reference_id USN-3837-1
reference_type
scores
url https://usn.ubuntu.com/3837-1/
fixed_packages
0
url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25s4-qujz-8kcf
1
vulnerability VCID-2xrd-q3wc-kfhj
2
vulnerability VCID-4n4u-c4u9-kkep
3
vulnerability VCID-4y9q-jfwk-5bde
4
vulnerability VCID-61wf-ahyh-dkb7
5
vulnerability VCID-arhw-n285-r3dv
6
vulnerability VCID-e3pp-vnez-rude
7
vulnerability VCID-h257-3sze-qqbu
8
vulnerability VCID-ndst-6nx1-1qcp
9
vulnerability VCID-nzk9-p4dt-wfg6
10
vulnerability VCID-qvy8-nuu4-ufc5
11
vulnerability VCID-r2f4-bgaw-t7gu
12
vulnerability VCID-s2q8-deht-k3af
13
vulnerability VCID-sw3e-49nw-w7fv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1
aliases CVE-2018-19060
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-syex-x1gz-3yhj
52
url VCID-tusm-masj-pyag
vulnerability_id VCID-tusm-masj-pyag
summary An issue was discovered in Poppler 0.71.0. There is a out-of-bounds read in EmbFile::save2 in FileSpec.cc, will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating embedded files before save attempts.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19059.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-19059.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-19059
reference_id
reference_type
scores
0
value 0.00129
scoring_system epss
scoring_elements 0.31787
published_at 2026-06-04T12:55:00Z
1
value 0.00129
scoring_system epss
scoring_elements 0.31858
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-19059
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19059
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19059
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1649440
reference_id 1649440
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1649440
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913180
reference_id 913180
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913180
6
reference_url https://access.redhat.com/errata/RHSA-2019:2022
reference_id RHSA-2019:2022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2022
7
reference_url https://usn.ubuntu.com/3837-1/
reference_id USN-3837-1
reference_type
scores
url https://usn.ubuntu.com/3837-1/
fixed_packages
0
url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25s4-qujz-8kcf
1
vulnerability VCID-2xrd-q3wc-kfhj
2
vulnerability VCID-4n4u-c4u9-kkep
3
vulnerability VCID-4y9q-jfwk-5bde
4
vulnerability VCID-61wf-ahyh-dkb7
5
vulnerability VCID-arhw-n285-r3dv
6
vulnerability VCID-e3pp-vnez-rude
7
vulnerability VCID-h257-3sze-qqbu
8
vulnerability VCID-ndst-6nx1-1qcp
9
vulnerability VCID-nzk9-p4dt-wfg6
10
vulnerability VCID-qvy8-nuu4-ufc5
11
vulnerability VCID-r2f4-bgaw-t7gu
12
vulnerability VCID-s2q8-deht-k3af
13
vulnerability VCID-sw3e-49nw-w7fv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1
aliases CVE-2018-19059
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tusm-masj-pyag
53
url VCID-uvcz-5mb9-syeq
vulnerability_id VCID-uvcz-5mb9-syeq
summary PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9903.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9903.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9903
reference_id
reference_type
scores
0
value 0.0063
scoring_system epss
scoring_elements 0.70671
published_at 2026-06-04T12:55:00Z
1
value 0.0063
scoring_system epss
scoring_elements 0.70714
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9903
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9903
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9903
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1691724
reference_id 1691724
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1691724
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925264
reference_id 925264
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925264
6
reference_url https://access.redhat.com/errata/RHSA-2019:2713
reference_id RHSA-2019:2713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2713
7
reference_url https://usn.ubuntu.com/4042-1/
reference_id USN-4042-1
reference_type
scores
url https://usn.ubuntu.com/4042-1/
fixed_packages
0
url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25s4-qujz-8kcf
1
vulnerability VCID-2xrd-q3wc-kfhj
2
vulnerability VCID-4n4u-c4u9-kkep
3
vulnerability VCID-4y9q-jfwk-5bde
4
vulnerability VCID-61wf-ahyh-dkb7
5
vulnerability VCID-arhw-n285-r3dv
6
vulnerability VCID-e3pp-vnez-rude
7
vulnerability VCID-h257-3sze-qqbu
8
vulnerability VCID-ndst-6nx1-1qcp
9
vulnerability VCID-nzk9-p4dt-wfg6
10
vulnerability VCID-qvy8-nuu4-ufc5
11
vulnerability VCID-r2f4-bgaw-t7gu
12
vulnerability VCID-s2q8-deht-k3af
13
vulnerability VCID-sw3e-49nw-w7fv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1
aliases CVE-2019-9903
risk_score 1.5
exploitability 0.5
weighted_severity 3.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uvcz-5mb9-syeq
54
url VCID-v2g6-bhw9-z3am
vulnerability_id VCID-v2g6-bhw9-z3am
summary An issue was discovered in Poppler through 0.78.0. There is a divide-by-zero error in the function SplashOutputDev::tilingPatternFill at SplashOutputDev.cc.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14494.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-14494.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-14494
reference_id
reference_type
scores
0
value 0.01932
scoring_system epss
scoring_elements 0.83721
published_at 2026-06-04T12:55:00Z
1
value 0.01932
scoring_system epss
scoring_elements 0.83744
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-14494
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14494
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14494
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1797453
reference_id 1797453
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1797453
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933812
reference_id 933812
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=933812
6
reference_url https://access.redhat.com/errata/RHSA-2020:3977
reference_id RHSA-2020:3977
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:3977
7
reference_url https://access.redhat.com/errata/RHSA-2020:4643
reference_id RHSA-2020:4643
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:4643
8
reference_url https://usn.ubuntu.com/4091-1/
reference_id USN-4091-1
reference_type
scores
url https://usn.ubuntu.com/4091-1/
fixed_packages
0
url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25s4-qujz-8kcf
1
vulnerability VCID-2xrd-q3wc-kfhj
2
vulnerability VCID-4n4u-c4u9-kkep
3
vulnerability VCID-4y9q-jfwk-5bde
4
vulnerability VCID-61wf-ahyh-dkb7
5
vulnerability VCID-arhw-n285-r3dv
6
vulnerability VCID-e3pp-vnez-rude
7
vulnerability VCID-h257-3sze-qqbu
8
vulnerability VCID-ndst-6nx1-1qcp
9
vulnerability VCID-nzk9-p4dt-wfg6
10
vulnerability VCID-qvy8-nuu4-ufc5
11
vulnerability VCID-r2f4-bgaw-t7gu
12
vulnerability VCID-s2q8-deht-k3af
13
vulnerability VCID-sw3e-49nw-w7fv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1
aliases CVE-2019-14494
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v2g6-bhw9-z3am
55
url VCID-v9g2-msy2-gbhc
vulnerability_id VCID-v9g2-msy2-gbhc
summary In Poppler 0.54.0, a memory leak vulnerability was found in the function gmalloc in gmem.cc, which allows attackers to cause a denial of service via a crafted file.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9406.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-9406.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-9406
reference_id
reference_type
scores
0
value 0.01046
scoring_system epss
scoring_elements 0.77842
published_at 2026-06-04T12:55:00Z
1
value 0.01046
scoring_system epss
scoring_elements 0.77869
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-9406
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14517
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14518
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14519
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14520
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14975
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14976
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14977
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15565
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9406
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9408
12
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9775
13
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9776
14
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9865
15
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.1
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:N/C:N/I:N/A:P
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
16
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1458701
reference_id 1458701
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1458701
17
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864010
reference_id 864010
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864010
18
reference_url https://security.gentoo.org/glsa/201801-17
reference_id GLSA-201801-17
reference_type
scores
url https://security.gentoo.org/glsa/201801-17
19
reference_url https://usn.ubuntu.com/3350-1/
reference_id USN-3350-1
reference_type
scores
url https://usn.ubuntu.com/3350-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-7ukn-38hy-dffs
19
vulnerability VCID-81rk-djd7-wkau
20
vulnerability VCID-9gtz-2mce-kuf6
21
vulnerability VCID-a3vs-h3s5-zbdw
22
vulnerability VCID-afbw-asht-7bbq
23
vulnerability VCID-aqh3-9esc-jqg7
24
vulnerability VCID-arjj-gn1s-yue1
25
vulnerability VCID-ax7h-qsmd-hyc9
26
vulnerability VCID-btq8-dzuk-4yfk
27
vulnerability VCID-bytg-r7hs-gyeg
28
vulnerability VCID-c2n4-uugz-wfac
29
vulnerability VCID-dwg9-w58z-ufh4
30
vulnerability VCID-e144-8aet-7kbn
31
vulnerability VCID-ezcv-cbva-kkbe
32
vulnerability VCID-fmqa-fers-5ydf
33
vulnerability VCID-fnfu-a29f-ryeg
34
vulnerability VCID-gg77-12mg-k7d2
35
vulnerability VCID-h257-3sze-qqbu
36
vulnerability VCID-hs9d-5q1m-97gk
37
vulnerability VCID-jvqj-5f2g-u7d7
38
vulnerability VCID-mzzq-s6gj-k3hw
39
vulnerability VCID-ndst-6nx1-1qcp
40
vulnerability VCID-nmgp-gqkw-xkd1
41
vulnerability VCID-nzk9-p4dt-wfg6
42
vulnerability VCID-p76p-4a8h-cffj
43
vulnerability VCID-p82j-3rgh-tqgf
44
vulnerability VCID-q9zx-mkrf-k3bh
45
vulnerability VCID-qvy8-nuu4-ufc5
46
vulnerability VCID-qxhg-65zp-ufe2
47
vulnerability VCID-re3v-ymkc-53bt
48
vulnerability VCID-s2q8-deht-k3af
49
vulnerability VCID-snd9-bt5h-6ycw
50
vulnerability VCID-spyc-te21-j3dk
51
vulnerability VCID-syex-x1gz-3yhj
52
vulnerability VCID-tusm-masj-pyag
53
vulnerability VCID-uvcz-5mb9-syeq
54
vulnerability VCID-v2g6-bhw9-z3am
55
vulnerability VCID-v9g2-msy2-gbhc
56
vulnerability VCID-wgrw-vedu-j7gv
57
vulnerability VCID-xbpw-d63u-vyc1
58
vulnerability VCID-xsp3-9g35-m7b5
59
vulnerability VCID-y1fm-k61h-27hz
60
vulnerability VCID-yhxt-1rx2-cbc1
61
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4
1
url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-81rk-djd7-wkau
19
vulnerability VCID-9gtz-2mce-kuf6
20
vulnerability VCID-a3vs-h3s5-zbdw
21
vulnerability VCID-afbw-asht-7bbq
22
vulnerability VCID-aqh3-9esc-jqg7
23
vulnerability VCID-arjj-gn1s-yue1
24
vulnerability VCID-ax7h-qsmd-hyc9
25
vulnerability VCID-btq8-dzuk-4yfk
26
vulnerability VCID-bytg-r7hs-gyeg
27
vulnerability VCID-c2n4-uugz-wfac
28
vulnerability VCID-dwg9-w58z-ufh4
29
vulnerability VCID-ezcv-cbva-kkbe
30
vulnerability VCID-fmqa-fers-5ydf
31
vulnerability VCID-fnfu-a29f-ryeg
32
vulnerability VCID-gg77-12mg-k7d2
33
vulnerability VCID-h257-3sze-qqbu
34
vulnerability VCID-hs9d-5q1m-97gk
35
vulnerability VCID-jvqj-5f2g-u7d7
36
vulnerability VCID-mzzq-s6gj-k3hw
37
vulnerability VCID-ndst-6nx1-1qcp
38
vulnerability VCID-nmgp-gqkw-xkd1
39
vulnerability VCID-nzk9-p4dt-wfg6
40
vulnerability VCID-p76p-4a8h-cffj
41
vulnerability VCID-p82j-3rgh-tqgf
42
vulnerability VCID-q9zx-mkrf-k3bh
43
vulnerability VCID-qvy8-nuu4-ufc5
44
vulnerability VCID-qxhg-65zp-ufe2
45
vulnerability VCID-s2q8-deht-k3af
46
vulnerability VCID-snd9-bt5h-6ycw
47
vulnerability VCID-spyc-te21-j3dk
48
vulnerability VCID-syex-x1gz-3yhj
49
vulnerability VCID-tusm-masj-pyag
50
vulnerability VCID-uvcz-5mb9-syeq
51
vulnerability VCID-v2g6-bhw9-z3am
52
vulnerability VCID-v9g2-msy2-gbhc
53
vulnerability VCID-wgrw-vedu-j7gv
54
vulnerability VCID-xbpw-d63u-vyc1
55
vulnerability VCID-y1fm-k61h-27hz
56
vulnerability VCID-yhxt-1rx2-cbc1
57
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2
2
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2017-9406
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v9g2-msy2-gbhc
56
url VCID-wgrw-vedu-j7gv
vulnerability_id VCID-wgrw-vedu-j7gv
summary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27337.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-27337.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-27337
reference_id
reference_type
scores
0
value 0.00237
scoring_system epss
scoring_elements 0.46938
published_at 2026-06-04T12:55:00Z
1
value 0.00237
scoring_system epss
scoring_elements 0.47004
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-27337
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27337
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27337
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38784
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-38784
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010695
reference_id 1010695
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1010695
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2087190
reference_id 2087190
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2087190
7
reference_url https://security.archlinux.org/AVG-2812
reference_id AVG-2812
reference_type
scores
0
value Unknown
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-2812
8
reference_url https://security.gentoo.org/glsa/202509-01
reference_id GLSA-202509-01
reference_type
scores
url https://security.gentoo.org/glsa/202509-01
9
reference_url https://access.redhat.com/errata/RHSA-2022:7594
reference_id RHSA-2022:7594
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:7594
10
reference_url https://access.redhat.com/errata/RHSA-2022:8151
reference_id RHSA-2022:8151
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8151
11
reference_url https://usn.ubuntu.com/6273-1/
reference_id USN-6273-1
reference_type
scores
url https://usn.ubuntu.com/6273-1/
12
reference_url https://usn.ubuntu.com/7687-1/
reference_id USN-7687-1
reference_type
scores
url https://usn.ubuntu.com/7687-1/
fixed_packages
0
url pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
purl pkg:deb/debian/poppler@20.09.0-3.1%2Bdeb11u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-25s4-qujz-8kcf
1
vulnerability VCID-2xrd-q3wc-kfhj
2
vulnerability VCID-4n4u-c4u9-kkep
3
vulnerability VCID-4y9q-jfwk-5bde
4
vulnerability VCID-61wf-ahyh-dkb7
5
vulnerability VCID-arhw-n285-r3dv
6
vulnerability VCID-e3pp-vnez-rude
7
vulnerability VCID-h257-3sze-qqbu
8
vulnerability VCID-ndst-6nx1-1qcp
9
vulnerability VCID-nzk9-p4dt-wfg6
10
vulnerability VCID-qvy8-nuu4-ufc5
11
vulnerability VCID-r2f4-bgaw-t7gu
12
vulnerability VCID-s2q8-deht-k3af
13
vulnerability VCID-sw3e-49nw-w7fv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@20.09.0-3.1%252Bdeb11u1
aliases CVE-2022-27337
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wgrw-vedu-j7gv
57
url VCID-xbpw-d63u-vyc1
vulnerability_id VCID-xbpw-d63u-vyc1
summary Poppler before 0.66.0 has an integer overflow in Parser::makeStream in Parser.cc.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-21009.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-21009.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-21009
reference_id
reference_type
scores
0
value 0.00481
scoring_system epss
scoring_elements 0.65479
published_at 2026-06-04T12:55:00Z
1
value 0.00481
scoring_system epss
scoring_elements 0.65531
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-21009
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21009
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-21009
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1753850
reference_id 1753850
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1753850
5
reference_url https://access.redhat.com/errata/RHSA-2020:1074
reference_id RHSA-2020:1074
reference_type
scores
url https://access.redhat.com/errata/RHSA-2020:1074
6
reference_url https://usn.ubuntu.com/4646-1/
reference_id USN-4646-1
reference_type
scores
url https://usn.ubuntu.com/4646-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2018-21009
risk_score 2.6
exploitability 0.5
weighted_severity 5.3
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xbpw-d63u-vyc1
58
url VCID-xsp3-9g35-m7b5
vulnerability_id VCID-xsp3-9g35-m7b5
summary A stack-based buffer over-read exists in FoFiTrueType::dumpString in fofi/FoFiTrueType.cc in Xpdf 4.01.01. It can, for example, be triggered by sending crafted TrueType data in a PDF document to the pdftops tool. It might allow an attacker to cause Denial of Service or leak memory data into dump content.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12360.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-12360.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-12360
reference_id
reference_type
scores
0
value 0.00338
scoring_system epss
scoring_elements 0.56846
published_at 2026-06-04T12:55:00Z
1
value 0.00338
scoring_system epss
scoring_elements 0.56897
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-12360
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12360
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12360
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1850876
reference_id 1850876
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1850876
fixed_packages
0
url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-81rk-djd7-wkau
19
vulnerability VCID-9gtz-2mce-kuf6
20
vulnerability VCID-a3vs-h3s5-zbdw
21
vulnerability VCID-afbw-asht-7bbq
22
vulnerability VCID-aqh3-9esc-jqg7
23
vulnerability VCID-arjj-gn1s-yue1
24
vulnerability VCID-ax7h-qsmd-hyc9
25
vulnerability VCID-btq8-dzuk-4yfk
26
vulnerability VCID-bytg-r7hs-gyeg
27
vulnerability VCID-c2n4-uugz-wfac
28
vulnerability VCID-dwg9-w58z-ufh4
29
vulnerability VCID-ezcv-cbva-kkbe
30
vulnerability VCID-fmqa-fers-5ydf
31
vulnerability VCID-fnfu-a29f-ryeg
32
vulnerability VCID-gg77-12mg-k7d2
33
vulnerability VCID-h257-3sze-qqbu
34
vulnerability VCID-hs9d-5q1m-97gk
35
vulnerability VCID-jvqj-5f2g-u7d7
36
vulnerability VCID-mzzq-s6gj-k3hw
37
vulnerability VCID-ndst-6nx1-1qcp
38
vulnerability VCID-nmgp-gqkw-xkd1
39
vulnerability VCID-nzk9-p4dt-wfg6
40
vulnerability VCID-p76p-4a8h-cffj
41
vulnerability VCID-p82j-3rgh-tqgf
42
vulnerability VCID-q9zx-mkrf-k3bh
43
vulnerability VCID-qvy8-nuu4-ufc5
44
vulnerability VCID-qxhg-65zp-ufe2
45
vulnerability VCID-s2q8-deht-k3af
46
vulnerability VCID-snd9-bt5h-6ycw
47
vulnerability VCID-spyc-te21-j3dk
48
vulnerability VCID-syex-x1gz-3yhj
49
vulnerability VCID-tusm-masj-pyag
50
vulnerability VCID-uvcz-5mb9-syeq
51
vulnerability VCID-v2g6-bhw9-z3am
52
vulnerability VCID-v9g2-msy2-gbhc
53
vulnerability VCID-wgrw-vedu-j7gv
54
vulnerability VCID-xbpw-d63u-vyc1
55
vulnerability VCID-y1fm-k61h-27hz
56
vulnerability VCID-yhxt-1rx2-cbc1
57
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2
aliases CVE-2019-12360
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xsp3-9g35-m7b5
59
url VCID-y1fm-k61h-27hz
vulnerability_id VCID-y1fm-k61h-27hz
summary In Poppler 0.59.0, a floating point exception occurs in the ImageStream class in Stream.cc, which may lead to a potential attack when handling malicious PDF files.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14617.json
reference_id
reference_type
scores
0
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-14617.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-14617
reference_id
reference_type
scores
0
value 0.00525
scoring_system epss
scoring_elements 0.67331
published_at 2026-06-04T12:55:00Z
1
value 0.00525
scoring_system epss
scoring_elements 0.67373
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-14617
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14617
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14617
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 1.7
scoring_system cvssv2
scoring_elements AV:L/AC:L/Au:S/C:N/I:N/A:P
1
value 3.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1499905
reference_id 1499905
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1499905
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876385
reference_id 876385
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876385
6
reference_url https://usn.ubuntu.com/3440-1/
reference_id USN-3440-1
reference_type
scores
url https://usn.ubuntu.com/3440-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2017-14617
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-y1fm-k61h-27hz
60
url VCID-yhxt-1rx2-cbc1
vulnerability_id VCID-yhxt-1rx2-cbc1
summary freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent calculations.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000456.json
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000456.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000456
reference_id
reference_type
scores
0
value 0.00719
scoring_system epss
scoring_elements 0.72835
published_at 2026-06-04T12:55:00Z
1
value 0.00719
scoring_system epss
scoring_elements 0.72873
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000456
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000456
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000456
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1531382
reference_id 1531382
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1531382
5
reference_url https://security.gentoo.org/glsa/201804-03
reference_id GLSA-201804-03
reference_type
scores
url https://security.gentoo.org/glsa/201804-03
6
reference_url https://usn.ubuntu.com/3517-1/
reference_id USN-3517-1
reference_type
scores
url https://usn.ubuntu.com/3517-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
purl pkg:deb/debian/poppler@0.26.5-2%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-7ukn-38hy-dffs
19
vulnerability VCID-81rk-djd7-wkau
20
vulnerability VCID-9gtz-2mce-kuf6
21
vulnerability VCID-a3vs-h3s5-zbdw
22
vulnerability VCID-afbw-asht-7bbq
23
vulnerability VCID-aqh3-9esc-jqg7
24
vulnerability VCID-arjj-gn1s-yue1
25
vulnerability VCID-ax7h-qsmd-hyc9
26
vulnerability VCID-btq8-dzuk-4yfk
27
vulnerability VCID-bytg-r7hs-gyeg
28
vulnerability VCID-c2n4-uugz-wfac
29
vulnerability VCID-dwg9-w58z-ufh4
30
vulnerability VCID-e144-8aet-7kbn
31
vulnerability VCID-ezcv-cbva-kkbe
32
vulnerability VCID-fmqa-fers-5ydf
33
vulnerability VCID-fnfu-a29f-ryeg
34
vulnerability VCID-gg77-12mg-k7d2
35
vulnerability VCID-h257-3sze-qqbu
36
vulnerability VCID-hs9d-5q1m-97gk
37
vulnerability VCID-jvqj-5f2g-u7d7
38
vulnerability VCID-mzzq-s6gj-k3hw
39
vulnerability VCID-ndst-6nx1-1qcp
40
vulnerability VCID-nmgp-gqkw-xkd1
41
vulnerability VCID-nzk9-p4dt-wfg6
42
vulnerability VCID-p76p-4a8h-cffj
43
vulnerability VCID-p82j-3rgh-tqgf
44
vulnerability VCID-q9zx-mkrf-k3bh
45
vulnerability VCID-qvy8-nuu4-ufc5
46
vulnerability VCID-qxhg-65zp-ufe2
47
vulnerability VCID-re3v-ymkc-53bt
48
vulnerability VCID-s2q8-deht-k3af
49
vulnerability VCID-snd9-bt5h-6ycw
50
vulnerability VCID-spyc-te21-j3dk
51
vulnerability VCID-syex-x1gz-3yhj
52
vulnerability VCID-tusm-masj-pyag
53
vulnerability VCID-uvcz-5mb9-syeq
54
vulnerability VCID-v2g6-bhw9-z3am
55
vulnerability VCID-v9g2-msy2-gbhc
56
vulnerability VCID-wgrw-vedu-j7gv
57
vulnerability VCID-xbpw-d63u-vyc1
58
vulnerability VCID-xsp3-9g35-m7b5
59
vulnerability VCID-y1fm-k61h-27hz
60
vulnerability VCID-yhxt-1rx2-cbc1
61
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u4
1
url pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
purl pkg:deb/debian/poppler@0.48.0-2%2Bdeb9u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-161f-sfg7-8bhf
1
vulnerability VCID-1dky-1wb2-huaa
2
vulnerability VCID-1vfp-wqj8-pqh3
3
vulnerability VCID-2dsa-qkvf-h3fw
4
vulnerability VCID-2xrd-q3wc-kfhj
5
vulnerability VCID-4hjh-cqg4-wqdk
6
vulnerability VCID-4msq-ukzj-d7ds
7
vulnerability VCID-4mt9-s54t-uub2
8
vulnerability VCID-4wbd-xbks-b3c7
9
vulnerability VCID-5py6-nrs3-13f5
10
vulnerability VCID-61wf-ahyh-dkb7
11
vulnerability VCID-62zk-x2n8-wudz
12
vulnerability VCID-6x2t-evww-sbdv
13
vulnerability VCID-75bw-nnk3-5ka5
14
vulnerability VCID-7bkp-b1ww-7qct
15
vulnerability VCID-7fqy-zt39-2ka2
16
vulnerability VCID-7nuu-hq66-67es
17
vulnerability VCID-7thh-twxp-j3fh
18
vulnerability VCID-81rk-djd7-wkau
19
vulnerability VCID-9gtz-2mce-kuf6
20
vulnerability VCID-a3vs-h3s5-zbdw
21
vulnerability VCID-afbw-asht-7bbq
22
vulnerability VCID-aqh3-9esc-jqg7
23
vulnerability VCID-arjj-gn1s-yue1
24
vulnerability VCID-ax7h-qsmd-hyc9
25
vulnerability VCID-btq8-dzuk-4yfk
26
vulnerability VCID-bytg-r7hs-gyeg
27
vulnerability VCID-c2n4-uugz-wfac
28
vulnerability VCID-dwg9-w58z-ufh4
29
vulnerability VCID-ezcv-cbva-kkbe
30
vulnerability VCID-fmqa-fers-5ydf
31
vulnerability VCID-fnfu-a29f-ryeg
32
vulnerability VCID-gg77-12mg-k7d2
33
vulnerability VCID-h257-3sze-qqbu
34
vulnerability VCID-hs9d-5q1m-97gk
35
vulnerability VCID-jvqj-5f2g-u7d7
36
vulnerability VCID-mzzq-s6gj-k3hw
37
vulnerability VCID-ndst-6nx1-1qcp
38
vulnerability VCID-nmgp-gqkw-xkd1
39
vulnerability VCID-nzk9-p4dt-wfg6
40
vulnerability VCID-p76p-4a8h-cffj
41
vulnerability VCID-p82j-3rgh-tqgf
42
vulnerability VCID-q9zx-mkrf-k3bh
43
vulnerability VCID-qvy8-nuu4-ufc5
44
vulnerability VCID-qxhg-65zp-ufe2
45
vulnerability VCID-s2q8-deht-k3af
46
vulnerability VCID-snd9-bt5h-6ycw
47
vulnerability VCID-spyc-te21-j3dk
48
vulnerability VCID-syex-x1gz-3yhj
49
vulnerability VCID-tusm-masj-pyag
50
vulnerability VCID-uvcz-5mb9-syeq
51
vulnerability VCID-v2g6-bhw9-z3am
52
vulnerability VCID-v9g2-msy2-gbhc
53
vulnerability VCID-wgrw-vedu-j7gv
54
vulnerability VCID-xbpw-d63u-vyc1
55
vulnerability VCID-y1fm-k61h-27hz
56
vulnerability VCID-yhxt-1rx2-cbc1
57
vulnerability VCID-zgt3-rj7n-vuah
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.48.0-2%252Bdeb9u2
2
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2017-1000456
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yhxt-1rx2-cbc1
61
url VCID-zgt3-rj7n-vuah
vulnerability_id VCID-zgt3-rj7n-vuah
summary In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7310.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-7310.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-7310
reference_id
reference_type
scores
0
value 0.00247
scoring_system epss
scoring_elements 0.48154
published_at 2026-06-04T12:55:00Z
1
value 0.00247
scoring_system epss
scoring_elements 0.48216
published_at 2026-06-05T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-7310
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7310
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7310
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1672419
reference_id 1672419
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1672419
5
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921215
reference_id 921215
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=921215
6
reference_url https://security.archlinux.org/AVG-869
reference_id AVG-869
reference_type
scores
0
value Low
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-869
7
reference_url https://access.redhat.com/errata/RHSA-2019:2022
reference_id RHSA-2019:2022
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2022
8
reference_url https://access.redhat.com/errata/RHSA-2019:2713
reference_id RHSA-2019:2713
reference_type
scores
url https://access.redhat.com/errata/RHSA-2019:2713
9
reference_url https://usn.ubuntu.com/3886-1/
reference_id USN-3886-1
reference_type
scores
url https://usn.ubuntu.com/3886-1/
fixed_packages
0
url pkg:deb/debian/poppler@0.71.0-5
purl pkg:deb/debian/poppler@0.71.0-5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-2xrd-q3wc-kfhj
1
vulnerability VCID-4wbd-xbks-b3c7
2
vulnerability VCID-61wf-ahyh-dkb7
3
vulnerability VCID-75bw-nnk3-5ka5
4
vulnerability VCID-7bkp-b1ww-7qct
5
vulnerability VCID-7fqy-zt39-2ka2
6
vulnerability VCID-a3vs-h3s5-zbdw
7
vulnerability VCID-ezcv-cbva-kkbe
8
vulnerability VCID-fnfu-a29f-ryeg
9
vulnerability VCID-h257-3sze-qqbu
10
vulnerability VCID-hs9d-5q1m-97gk
11
vulnerability VCID-jvqj-5f2g-u7d7
12
vulnerability VCID-ndst-6nx1-1qcp
13
vulnerability VCID-nzk9-p4dt-wfg6
14
vulnerability VCID-qvy8-nuu4-ufc5
15
vulnerability VCID-qxhg-65zp-ufe2
16
vulnerability VCID-s2q8-deht-k3af
17
vulnerability VCID-syex-x1gz-3yhj
18
vulnerability VCID-tusm-masj-pyag
19
vulnerability VCID-uvcz-5mb9-syeq
20
vulnerability VCID-v2g6-bhw9-z3am
21
vulnerability VCID-wgrw-vedu-j7gv
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.71.0-5
aliases CVE-2019-7310
risk_score 2.4
exploitability 0.5
weighted_severity 4.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-zgt3-rj7n-vuah
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/poppler@0.26.5-2%252Bdeb8u1~bpo70%252B1